Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8663662d by Salvatore Bonaccorso at 2026-02-14T09:28:43+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,11 +9,11 @@ CVE-2026-2024 (The PhotoStack Gallery plugin for WordPress is
vulnerable to SQL
CVE-2026-2022 (The Smart Forms plugin for WordPress is vulnerable to
unauthorized acc ...)
NOT-FOR-US: WordPress plugin
CVE-2026-26335 (Calero VeraSMART versions prior to2022 R1 use static
ASP.NET/IIS machi ...)
- TODO: check
+ NOT-FOR-US: Calero VeraSMART
CVE-2026-26334 (Calero VeraSMART versions prior to2026 R1 contain hardcoded
static AES ...)
- TODO: check
+ NOT-FOR-US: Calero VeraSMART
CVE-2026-26333 (Calero VeraSMART versions prior to2022 R1 expose an
unauthenticated .N ...)
- TODO: check
+ NOT-FOR-US: Calero VeraSMART
CVE-2026-26303
REJECTED
CVE-2026-26302
@@ -33,9 +33,9 @@ CVE-2026-26296
CVE-2026-26295
REJECTED
CVE-2026-26273 (Known is a social publishing platform. Prior to 1.6.3, a
Critical Brok ...)
- TODO: check
+ NOT-FOR-US: Known
CVE-2026-24853 (Caido is a web security auditing toolkit. Prior to 0.55.0,
Caido block ...)
- TODO: check
+ NOT-FOR-US: Caido
CVE-2026-1988 (The Flexi Product Slider and Grid for WooCommerce plugin for
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2026-1987 (The Scheduler Widget plugin for WordPress is vulnerable to
Insecure Di ...)
@@ -109,19 +109,19 @@ CVE-2026-0559 (The MasterStudy LMS WordPress Plugin
\u2013 for Online Courses an
CVE-2026-0557 (The WP Data Access plugin for WordPress is vulnerable to Stored
Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2025-70957 (A Denial of Service (DoS) vulnerability was discovered in the
TON Lite ...)
- TODO: check
+ NOT-FOR-US: TON Lite Server
CVE-2025-70956 (A State Pollution vulnerability was discovered in the TON
Virtual Mach ...)
- TODO: check
+ NOT-FOR-US: TON
CVE-2025-70955 (A Stack Overflow vulnerability was discovered in the TON
Virtual Machi ...)
- TODO: check
+ NOT-FOR-US: TON
CVE-2025-70954 (A Null Pointer Dereference vulnerability exists in the TON
Virtual Mac ...)
- TODO: check
+ NOT-FOR-US: TON
CVE-2025-70866 (LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control.
An auth ...)
- TODO: check
+ NOT-FOR-US: LavaLite CMS
CVE-2025-6792 (The One to one user Chat by WPGuppy plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2025-69633 (A SQL Injection vulnerability in the Advanced Popup Creator
(advancedp ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2025-68128
REJECTED
CVE-2025-68127
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8663662dbbdbac76b1e7f3e146c31cbfd61a40a9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8663662dbbdbac76b1e7f3e146c31cbfd61a40a9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
