[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Feb 14 08:29:06 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8663662d by Salvatore Bonaccorso at 2026-02-14T09:28:43+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,11 +9,11 @@ CVE-2026-2024 (The PhotoStack Gallery plugin for WordPress is vulnerable to SQL
 CVE-2026-2022 (The Smart Forms plugin for WordPress is vulnerable to unauthorized acc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-26335 (Calero VeraSMART versions prior to2022 R1 use static ASP.NET/IIS machi ...)
-	TODO: check
+	NOT-FOR-US: Calero VeraSMART
 CVE-2026-26334 (Calero VeraSMART versions prior to2026 R1 contain hardcoded static AES ...)
-	TODO: check
+	NOT-FOR-US: Calero VeraSMART
 CVE-2026-26333 (Calero VeraSMART versions prior to2022 R1 expose an unauthenticated .N ...)
-	TODO: check
+	NOT-FOR-US: Calero VeraSMART
 CVE-2026-26303
 	REJECTED
 CVE-2026-26302
@@ -33,9 +33,9 @@ CVE-2026-26296
 CVE-2026-26295
 	REJECTED
 CVE-2026-26273 (Known is a social publishing platform. Prior to 1.6.3, a Critical Brok ...)
-	TODO: check
+	NOT-FOR-US: Known
 CVE-2026-24853 (Caido is a web security auditing toolkit. Prior to 0.55.0, Caido block ...)
-	TODO: check
+	NOT-FOR-US: Caido
 CVE-2026-1988 (The Flexi Product Slider and Grid for WooCommerce plugin for WordPress ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-1987 (The Scheduler Widget plugin for WordPress is vulnerable to Insecure Di ...)
@@ -109,19 +109,19 @@ CVE-2026-0559 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses an
 CVE-2026-0557 (The WP Data Access plugin for WordPress is vulnerable to Stored Cross- ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-70957 (A Denial of Service (DoS) vulnerability was discovered in the TON Lite ...)
-	TODO: check
+	NOT-FOR-US: TON Lite Server
 CVE-2025-70956 (A State Pollution vulnerability was discovered in the TON Virtual Mach ...)
-	TODO: check
+	NOT-FOR-US: TON
 CVE-2025-70955 (A Stack Overflow vulnerability was discovered in the TON Virtual Machi ...)
-	TODO: check
+	NOT-FOR-US: TON
 CVE-2025-70954 (A Null Pointer Dereference vulnerability exists in the TON Virtual Mac ...)
-	TODO: check
+	NOT-FOR-US: TON
 CVE-2025-70866 (LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An auth ...)
-	TODO: check
+	NOT-FOR-US: LavaLite CMS
 CVE-2025-6792 (The One to one user Chat by WPGuppy plugin for WordPress is vulnerable ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-69633 (A SQL Injection vulnerability in the Advanced Popup Creator (advancedp ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2025-68128
 	REJECTED
 CVE-2025-68127



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8663662dbbdbac76b1e7f3e146c31cbfd61a40a9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8663662dbbdbac76b1e7f3e146c31cbfd61a40a9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260214/19075c08/attachment.htm>
