[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 9 20:14:10 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3b5503b by security tracker role at 2026-02-09T20:14:03+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,15 +9,15 @@ CVE-2026-2241 (A vulnerability was found in janet-lang janet up to 1.40.1. This
 CVE-2026-2240 (A vulnerability has been found in janet-lang janet up to 1.40.1. The i ...)
 	TODO: check
 CVE-2026-2227 (A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2026-2226 (A vulnerability has been found in DouPHP up to 1.9. This issue affects ...)
 	TODO: check
 CVE-2026-2225 (A flaw has been found in itsourcecode News Portal Project 1.0. This vu ...)
 	TODO: check
 CVE-2026-2224 (A vulnerability was detected in code-projects Online Reviewer System 1 ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-2223 (A security vulnerability has been detected in code-projects Online Rev ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-25916 (Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block rem ...)
 	TODO: check
 CVE-2026-25905 (The Python code being run by 'runPython' or 'runPythonAsync' is not is ...)
@@ -25,11 +25,11 @@ CVE-2026-25905 (The Python code being run by 'runPython' or 'runPythonAsync' is
 CVE-2026-25904 (The Pydantic-AI MCP Run Python tool configures the Deno sandbox with a ...)
 	TODO: check
 CVE-2026-25848 (In JetBrains Hub before 2025.3.119807 authentication bypass allowing a ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2026-25847 (In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2026-25846 (In JetBrains YouTrack before 2025.3.119033 access tokens could be expo ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2026-25598 (Harden-Runner is a CI/CD security agent that works like an EDR for Git ...)
 	TODO: check
 CVE-2026-25498 (Craft is a platform for creating digital experiences. In versions 4.0. ...)
@@ -67,7 +67,7 @@ CVE-2026-24777 (OpenProject is an open-source, web-based project management soft
 CVE-2026-24095 (Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0 ...)
 	TODO: check
 CVE-2026-21419 (Dell Display and Peripheral Manager (Windows) versions prior to 2.2 co ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2026-1960 (Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via t ...)
 	TODO: check
 CVE-2026-1959 (Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via t ...)
@@ -77,7 +77,7 @@ CVE-2026-1529 (A flaw was found in Keycloak. An attacker can exploit this vulner
 CVE-2026-1486 (A flaw was found in Keycloak. A vulnerability exists in the jwt-author ...)
 	TODO: check
 CVE-2026-0632 (The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0398 (Crafted zones can lead to increased resource usage and crafted CNAME c ...)
 	TODO: check
 CVE-2025-7799 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -85,7 +85,7 @@ CVE-2025-7799 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2025-7708 (Insertion of Sensitive Information Into Sent Data vulnerability in Atl ...)
 	TODO: check
 CVE-2025-7432 (DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs
 CVE-2025-6830 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-66630 (Fiber is an Express inspired web framework written in Go. Before 2.52. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b5503b3f73fe7c025a4dacf5ff759304d9a6f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b5503b3f73fe7c025a4dacf5ff759304d9a6f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260209/5e70cb03/attachment.htm>

More information about the debian-security-tracker-commits mailing list