[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed, 18 Feb 2026 13:29:55 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
877a2468 by Salvatore Bonaccorso at 2026-02-18T22:29:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28,13 +28,13 @@ CVE-2026-2507 (When BIG-IP AFM or BIG-IP DDoS is 
provisioned, undisclosed traffi
 CVE-2026-2495 (The WPNakama \u2013 Team and multi-Client Collaboration, 
Editorial and ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-2464 (Path traversal vulnerability in the AMR Printer Management 1.01 
Beta w ...)
-       TODO: check
+       NOT-FOR-US: AMR Printer Management
 CVE-2026-2426 (The WP-DownloadManager plugin for WordPress is vulnerable to 
Path Trav ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-2386 (The The Plus Addons for Elementor \u2013 Addons for Elementor, 
Page Te ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-2329 (An unauthenticated stack-based buffer overflow vulnerability 
exists in ...)
-       TODO: check
+       NOT-FOR-US: Grandstream
 CVE-2026-2230 (The Booking Calendar plugin for WordPress is vulnerable to 
Insecure Di ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-2127 (The SiteOrigin Widgets Bundle plugin for WordPress is 
vulnerable to un ...)
@@ -48,7 +48,7 @@ CVE-2026-27099 (Jenkins 2.483 through 2.550 (both inclusive), 
LTS 2.492.1 throug
 CVE-2026-25500 (Rack is a modular Ruby web server interface. Prior to versions 
2.2.22, ...)
        TODO: check
 CVE-2026-23491 (InvoicePlane is a self-hosted open source application for 
managing inv ...)
-       TODO: check
+       NOT-FOR-US: InvoicePlane
 CVE-2026-22860 (Rack is a modular Ruby web server interface. Prior to versions 
2.2.22, ...)
        TODO: check
 CVE-2026-20144 (In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 
9.3.8, and  ...)
@@ -100,11 +100,11 @@ CVE-2026-0874 (A maliciously crafted CATPART file, when 
parsed through certain A
 CVE-2025-8781 (The Bookster \u2013 WordPress Appointment Booking Plugin plugin 
for Wo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-8308 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Key Software Solutions
 CVE-2025-7630 (Improper Restriction of Excessive Authentication Attempts, 
Improper Au ...)
-       TODO: check
+       NOT-FOR-US: Doruk Communication and Automation Industry and Trade 
Wispotter
 CVE-2025-70998 (UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was 
discovered t ...)
-       TODO: check
+       NOT-FOR-US: UTT
 CVE-2025-70152 (code-projects Community Project Scholars Tracking System 1.0 
is vulner ...)
        NOT-FOR-US: code-projects
 CVE-2025-70151 (code-projects Scholars Tracking System 1.0 allows an 
authenticated att ...)
@@ -116,9 +116,9 @@ CVE-2025-70149 (CodeAstro Membership Management System 1.0 
is vulnerable to SQL
 CVE-2025-70148 (Missing authentication and authorization in 
print_membership_card.php  ...)
        NOT-FOR-US: CodeAstro
 CVE-2025-70147 (Missing authentication in /admin/student.php and 
/admin/teacher.php in ...)
-       TODO: check
+       NOT-FOR-US: ProjectWorlds Online Time Table Generator
 CVE-2025-70146 (Missing authentication in multiple administrative action 
scripts under ...)
-       TODO: check
+       NOT-FOR-US: ProjectWorlds Online Time Table Generator
 CVE-2025-70141 (SourceCodester Customer Support System 1.0 contains an 
incorrect acces ...)
        NOT-FOR-US: SourceCodester
 CVE-2025-70064 (PHPGurukul Hospital Management System v4.0 contains a 
Privilege Escala ...)
@@ -128,7 +128,7 @@ CVE-2025-70063 (The 'Medical History' module in PHPGurukul 
Hospital Management S
 CVE-2025-70062 (PHPGurukul Hospital Management System v4.0 contains a 
Cross-Site Reque ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-69287 (The BSV Blockchain SDK is a unified TypeScript SDK for 
developing scal ...)
-       TODO: check
+       NOT-FOR-US: BSV Blockchain SDK
 CVE-2025-65791 (ZoneMinder v1.36.34 is vulnerable to Command Injection in 
web/views/im ...)
        TODO: check
 CVE-2025-65519 (mayswind ezbookkeeping versions 1.2.0 and earlier contain a 
critical v ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/877a246881cdb6ee4d2fb55719d70bfce632dbd8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/877a246881cdb6ee4d2fb55719d70bfce632dbd8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to