[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Thu, 05 Feb 2026 12:14:28 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
825bb6c6 by security tracker role at 2026-02-05T20:14:06+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,31 +5,31 @@ CVE-2026-23797 (In Quick.Cart user passwords are stored in 
plaintext form. An at
 CVE-2026-23796 (Quick.Cart allows a user's session identifier to be set before 
authent ...)
        TODO: check
 CVE-2026-23572 (Improper access control intheTeamViewerFull and Host 
clients(Windows,m ...)
-       TODO: check
+       NOT-FOR-US: TeamViewer
 CVE-2026-1966 (YugabyteDB Anywhere displays LDAP bind passwords configured via 
gflags ...)
        TODO: check
 CVE-2026-1927 (The Greenshift \u2013 animation and page builder blocks plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1707 (pgAdmin versions 9.11 are affected by a Restore restriction 
bypass via ...)
        TODO: check
 CVE-2026-1654 (The Peter's Date Countdown plugin for WordPress is vulnerable 
to Refle ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1523 (Path Traversal vulnerability in Digitek ADT1100 and Digitek 
DT950 from ...)
        TODO: check
 CVE-2026-1517 (A vulnerability was identified in iomad up to 5.0. Affected is 
an unkn ...)
        TODO: check
 CVE-2026-1319 (The Robin Image Optimizer \u2013 Unlimited Image Optimization & 
WebP C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1301 (In builds with PubSub and JSON enabled, a crafted JSON message 
can cau ...)
        TODO: check
 CVE-2026-1294 (The All In One Image Viewer Block plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1271 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0715 (Moxa Arm-based industrial computers running Moxa Industrial 
Linux Secu ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2026-0714 (A physical attack vulnerability exists in certain Moxa 
industrial comp ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2025-70792 (Cross Site Scripting vulnerability in the 
"/admin/category/create" end ...)
        TODO: check
 CVE-2025-70791 (Cross Site Scripting vulnerability in the 
"/admin/order/abandoned" end ...)
@@ -53,9 +53,9 @@ CVE-2025-58190 (The html.Parse function in 
golang.org/x/net/html has an infinite
 CVE-2025-47911 (The html.Parse function in golang.org/x/net/html has quadratic 
parsing ...)
        TODO: check
 CVE-2025-15557 (An Improper Certificate Validation vulnerability in TP-Link 
Tapo H100  ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-15551 (The response coming from TP-Link Archer MR200 v5.2, C20 v6, 
TL-WR850N  ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-15343 (Tanium addressed an incorrect default permissions 
vulnerability in Enf ...)
        TODO: check
 CVE-2025-15342 (Tanium addressed an improper access controls vulnerability in 
Reputati ...)
@@ -107,15 +107,15 @@ CVE-2025-15311 (Tanium addressed an unauthorized code 
execution vulnerability in
 CVE-2025-15289 (Tanium addressed an improper access controls vulnerability in 
Interact ...)
        TODO: check
 CVE-2025-14150 (IBM webMethods Integration (on prem) - Integration Server 
10.15 throug ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-14079 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13491 (IBM App Connect Enterprise Certified Containerup to 12.19.0 
(Continuou ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-13416 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13379 (IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL 
injection. ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-37152 (PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site 
scripting (X ...)
        TODO: check
 CVE-2020-37151 (phpMyChat Plus 1.98 contains a SQL injection vulnerability in 
the delu ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/825bb6c6ecf899dd70abe122103869c27a46bd76

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/825bb6c6ecf899dd70abe122103869c27a46bd76
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to