Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2341edcd by security tracker role at 2026-02-18T08:13:37+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2026-2642 (A security vulnerability has been detected in
ggreer the_silver_s
CVE-2026-2641 (A weakness has been identified in universal-ctags ctags up to
6.2.1. T ...)
TODO: check
CVE-2026-2633 (The Gutenberg Blocks with AI by Kadence WP plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2629 (A weakness has been identified in jishi node-sonos-http-api up
to 3776 ...)
TODO: check
CVE-2026-2627 (A security flaw has been discovered in Softland FBackup up to
9.9. Thi ...)
@@ -17,21 +17,21 @@ CVE-2026-2622 (A vulnerability was detected in Blossom up
to 1.17.1. This vulner
CVE-2026-2621 (A security vulnerability has been detected in Sciyon Koyuan
Thermoelec ...)
TODO: check
CVE-2026-2576 (The Business Directory Plugin \u2013 Easy Listing Directories
for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2570
REJECTED
CVE-2026-2419 (The WP-DownloadManager plugin for WordPress is vulnerable to
Path Trav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2296 (The Product Addons for Woocommerce \u2013 Product Options with
Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2281 (The Private Comment plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2112 (The Dam Spam plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2023 (The WP Plugin Info Card plugin for WordPress is vulnerable to
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2019 (The Cart All In One For WooCommerce plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27171 (zlib before 1.3.2 allows CPU consumption via crc32_combine64
and crc32 ...)
TODO: check
CVE-2026-27038
@@ -51,123 +51,123 @@ CVE-2026-27032
CVE-2026-27031
REJECTED
CVE-2026-26357 (Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an
Imprope ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26119 (Improper authentication in Windows Admin Center allows an
authorized a ...)
TODO: check
CVE-2026-25421
REJECTED
CVE-2026-23599 (A local privilege-escalation vulnerability has been discovered
in the ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23598 (Vulnerabilities in the API error handling of an HPE Aruba
Networking ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23597 (Vulnerabilities in the API error handling of an HPE Aruba
Networking ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23596 (A vulnerability in the management API of the affected product
could al ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23595 (An authentication bypass in the application API allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-22762 (Dell Avamar Server and Avamar Virtual Edition, versions prior
to 19.10 ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22284 (Dell SmartFabric OS10 Software, versions prior to 10.5.6.12,
contains ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22048 (StorageGRID (formerly StorageGRID Webscale) versions prior to
11.9.0.1 ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2026-1943 (The YayMail \u2013 WooCommerce Email Customizer plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1938 (The YayMail \u2013 WooCommerce Email Customizer plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1937 (The YayMail \u2013 WooCommerce Email Customizer plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1931 (The Rent Fetch plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1925 (The EmailKit \u2013 Email Customizer for WooCommerce & WP
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1906 (The PDF Invoices & Packing Slips for WooCommerce plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1860 (The Kali Forms plugin for WordPress is vulnerable to Insecure
Direct O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1857 (The Gutenberg Blocks with AI by Kadence WP plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1831 (The YayMail - WooCommerce Email Customizer plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1807 (The InteractiveCalculator for WordPress plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1714 (The ShopLentor \u2013 WooCommerce Builder for Elementor &
Gutenberg +2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1670 (The affected products are vulnerable to an unauthenticated API
endpoin ...)
TODO: check
CVE-2026-1666 (The Download Manager plugin for WordPress is vulnerable to
Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1655 (The EventPrime plugin for WordPress is vulnerable to
unauthorized post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1640 (The Taskbuilder \u2013 WordPress Project Management & Task
Management ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1639 (The Taskbuilder \u2013 WordPress Project Management & Task
Management ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1368 (The Video Conferencing with Zoom WordPress plugin before 4.6.6
contain ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1344 (Tanium addressed an insecure file permissions vulnerability in
Enforce ...)
- TODO: check
+ NOT-FOR-US: Tanium
CVE-2026-1304 (The Membership Plugin \u2013 Restrict Content for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1296 (The Frontend Post Submission Manager Lite plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1277 (The URL Shortify plugin for WordPress is vulnerable to Open
Redirect i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1072 (The Keybase.io Verification plugin for WordPress is vulnerable
to Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6460 (The Display During Conditional Shortcode plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-67102 (A SQL injection vulnerability in the alldayoffs feature in
Jorani up t ...)
TODO: check
CVE-2025-62183 (Pega Platform versions 8.1.0 through 25.1.1 are affected by a
Stored C ...)
TODO: check
CVE-2025-36379 (IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security
ReaQta uses ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36377 (IBM Security QRadar EDR 3.12 through 3.12.23 does not
invalidate sessi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36376 (IBM Security QRadar EDR 3.12 through 3.12.23 does not
invalidate sessi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36348 (IBM Sterling B2B Integrator versions 6.1.0.0 through
6.1.2.7_2, 6.2.0. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36183 (IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a
privile ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33135 (IBM Financial Transaction Manager for ACH Services and Check
Services ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33088 (IBM Concert 1.0.0 through 2.1.0 could allow a local user with
specific ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27900 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could
allow a remo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27899 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses
sensitiv ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27898 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not
invalidat ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14289 (IBM webMethods Integration Server 12.0 is vulnerable to HTML
injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13959 (The Filestack plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13691 (IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0
returns sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13689 (IBM DataStage on Cloud Pak for Data could allow an
authenticated user ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13333 (IBM WebSphere Application Server 9.0, and 8.5 could provide
weaker tha ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12356 (The Tickera \u2013 Sell Tickets & Manage Events plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12122 (The Popup Box \u2013 Easily Create WordPress Popups plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12075 (The Order Splitter for WooCommerce plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12074 (The Context Blog theme for WordPress is vulnerable to
Information Expo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12071 (The Frontend User Notes plugin for WordPress is vulnerable to
Insecure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12037 (The WP 404 Auto Redirect to Similar Post plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11737 (The VK All in One Expansion Unit plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38005 (IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and
2.3.5.0 c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-2630 (A Command Injection vulnerability exists where an
authenticated, remot ...)
NOT-FOR-US: Tenable
CVE-2026-2620 (A weakness has been identified in Huace Monitoring and Early
Warning S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2341edcd78a36b96b3da9195c9639f380e434424
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2341edcd78a36b96b3da9195c9639f380e434424
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
