[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Fri Feb 13 08:13:51 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ed3bc0a by security tracker role at 2026-02-13T08:13:43+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2026-26224 (Intego Log Reporter, a macOS diagnostic utility bundled with Int
 CVE-2026-26188 (Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-bu ...)
 	TODO: check
 CVE-2026-26185 (Directus is a real-time API and App dashboard for managing SQL databas ...)
-	TODO: check
+	NOT-FOR-US: Directus
 CVE-2026-26076 (ntpd-rs is a full-featured implementation of the Network Time Protocol ...)
 	TODO: check
 CVE-2026-26075 (FastGPT is an AI Agent building platform. Due to the fact that FastGPT ...)
@@ -43,7 +43,7 @@ CVE-2026-26011 (navigation2 is a ROS 2 Navigation Framework and System. In 1.3.1
 CVE-2026-26005 (ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 ...)
 	TODO: check
 CVE-2026-26000 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2026-25996 (Inspektor Gadget is a set of tools and framework for data collection a ...)
 	TODO: check
 CVE-2026-25828 (grub-btrfs through 2026-01-31 (on Arch Linux and derivative distributi ...)
@@ -55,7 +55,7 @@ CVE-2026-1721 (Summary  A Reflected Cross-Site Scripting (XSS) vulnerability was
 CVE-2026-1358 (Airleader Master versions 6.381 and prior allow for file uploads witho ...)
 	TODO: check
 CVE-2026-0619 (A reachable infinite loop via an integer wraparound is present in Sili ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs
 CVE-2025-9293 (A vulnerability in the certificate validation logic may allow applicat ...)
 	TODO: check
 CVE-2025-9292 (A permissive web security configuration may allow cross-origin restric ...)
@@ -65,19 +65,19 @@ CVE-2025-70845 (lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS)
 CVE-2025-70092 (A cross-site scripting (XSS) vulnerability in the Item Kits function o ...)
 	TODO: check
 CVE-2025-48023 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-48022 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-48021 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-48020 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-48019 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-1924 (A vulnerability has been found in Vnet/IP Interface Package provided b ...)
-	TODO: check
+	NOT-FOR-US: Yokogawa
 CVE-2025-15520 (The RegistrationMagic  WordPress plugin before 6.0.7.2 checks nonces b ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-21961 (Improper restriction of operations within the bounds of a memory buffe ...)
 	TODO: check
 CVE-2020-37167 (ClamAV ClamBC bytecode interpreter contains a vulnerability in functio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ed3bc0a1b48de73bec135ec8f359879acdd8e52

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ed3bc0a1b48de73bec135ec8f359879acdd8e52
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260213/6bb82111/attachment-0001.htm>
