[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Fri Nov 7 08:14:20 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b3bd781 by security tracker role at 2025-11-07T08:14:11+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,7 +41,7 @@ CVE-2025-64173 (Apollo Router Core is a configurable graph router written in Rus
 CVE-2025-62630 (Due to insufficient sanitization, an attacker can upload a specially   ...)
 	TODO: check
 CVE-2025-5483 (The LC Wizard plugin for WordPress is vulnerable to Privilege Escalati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-59171 (Due to insufficient sanitization, an attacker can upload a specially   ...)
 	TODO: check
 CVE-2025-58423 (Due to insufficient sanitization, an attacker can upload a specially   ...)
@@ -49,19 +49,19 @@ CVE-2025-58423 (Due to insufficient sanitization, an attacker can upload a speci
 CVE-2025-52662 (A vulnerability in Nuxt DevTools has been fixed in version **2.6.4***. ...)
 	TODO: check
 CVE-2025-4522 (The IDonate \u2013 Blood Donation, Request And Donor Management System ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4519 (The IDonate \u2013 Blood Donation, Request And Donor Management System ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-48985 (A vulnerability in Vercel\u2019s AI SDK has been fixed in versions 5.0 ...)
 	TODO: check
 CVE-2025-33110 (IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-12636 (The Ubia camera ecosystem fails to adequately secure API credentials,  ...)
 	TODO: check
 CVE-2025-12527 (The Page & Post Notes plugin for WordPress is vulnerable to unauthoriz ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12520 (The WP Airbnb Review Slider plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12490 (Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulne ...)
 	TODO: check
 CVE-2025-12489 (evernote-mcp-server openBrowser Command Injection Privilege Escalation ...)
@@ -73,7 +73,7 @@ CVE-2025-12487 (oobabooga text-generation-webui trust_remote_code Reliance on Un
 CVE-2025-12486 (Heimdall Data Database Proxy Cross-Site Scripting Remote Code Executio ...)
 	TODO: check
 CVE-2025-12352 (The Gravity Forms plugin for WordPress is vulnerable to arbitrary file ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11546 (CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUS ...)
 	TODO: check
 CVE-2025-12790 (A flaw was found in Rubygem MQTT. By default, the package used to not  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b3bd781fbb5bd4794c69e03d5819da956cefc64

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b3bd781fbb5bd4794c69e03d5819da956cefc64
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251107/a772eece/attachment.htm>
