[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 18 08:13:43 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2341edcd by security tracker role at 2026-02-18T08:13:37+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2026-2642 (A security vulnerability has been detected in ggreer the_silver_s
CVE-2026-2641 (A weakness has been identified in universal-ctags ctags up to 6.2.1. T ...)
TODO: check
CVE-2026-2633 (The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2629 (A weakness has been identified in jishi node-sonos-http-api up to 3776 ...)
TODO: check
CVE-2026-2627 (A security flaw has been discovered in Softland FBackup up to 9.9. Thi ...)
@@ -17,21 +17,21 @@ CVE-2026-2622 (A vulnerability was detected in Blossom up to 1.17.1. This vulner
CVE-2026-2621 (A security vulnerability has been detected in Sciyon Koyuan Thermoelec ...)
TODO: check
CVE-2026-2576 (The Business Directory Plugin \u2013 Easy Listing Directories for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2570
REJECTED
CVE-2026-2419 (The WP-DownloadManager plugin for WordPress is vulnerable to Path Trav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2296 (The Product Addons for Woocommerce \u2013 Product Options with Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2281 (The Private Comment plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2112 (The Dam Spam plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2023 (The WP Plugin Info Card plugin for WordPress is vulnerable to Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2019 (The Cart All In One For WooCommerce plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27171 (zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32 ...)
TODO: check
CVE-2026-27038
@@ -51,123 +51,123 @@ CVE-2026-27032
CVE-2026-27031
REJECTED
CVE-2026-26357 (Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Imprope ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26119 (Improper authentication in Windows Admin Center allows an authorized a ...)
TODO: check
CVE-2026-25421
REJECTED
CVE-2026-23599 (A local privilege-escalation vulnerability has been discovered in the ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23598 (Vulnerabilities in the API error handling of an HPE Aruba Networking ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23597 (Vulnerabilities in the API error handling of an HPE Aruba Networking ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23596 (A vulnerability in the management API of the affected product could al ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23595 (An authentication bypass in the application API allows an unauthorized ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-22762 (Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22284 (Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-22048 (StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.1 ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2026-1943 (The YayMail \u2013 WooCommerce Email Customizer plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1938 (The YayMail \u2013 WooCommerce Email Customizer plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1937 (The YayMail \u2013 WooCommerce Email Customizer plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1931 (The Rent Fetch plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1925 (The EmailKit \u2013 Email Customizer for WooCommerce & WP plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1906 (The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1860 (The Kali Forms plugin for WordPress is vulnerable to Insecure Direct O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1857 (The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1831 (The YayMail - WooCommerce Email Customizer plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1807 (The InteractiveCalculator for WordPress plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1714 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1670 (The affected products are vulnerable to an unauthenticated API endpoin ...)
TODO: check
CVE-2026-1666 (The Download Manager plugin for WordPress is vulnerable to Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1655 (The EventPrime plugin for WordPress is vulnerable to unauthorized post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1640 (The Taskbuilder \u2013 WordPress Project Management & Task Management ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1639 (The Taskbuilder \u2013 WordPress Project Management & Task Management ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1368 (The Video Conferencing with Zoom WordPress plugin before 4.6.6 contain ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1344 (Tanium addressed an insecure file permissions vulnerability in Enforce ...)
- TODO: check
+ NOT-FOR-US: Tanium
CVE-2026-1304 (The Membership Plugin \u2013 Restrict Content for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1296 (The Frontend Post Submission Manager Lite plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1277 (The URL Shortify plugin for WordPress is vulnerable to Open Redirect i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1072 (The Keybase.io Verification plugin for WordPress is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6460 (The Display During Conditional Shortcode plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-67102 (A SQL injection vulnerability in the alldayoffs feature in Jorani up t ...)
TODO: check
CVE-2025-62183 (Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored C ...)
TODO: check
CVE-2025-36379 (IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36377 (IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate sessi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36376 (IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate sessi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36348 (IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36183 (IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privile ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33135 (IBM Financial Transaction Manager for ACH Services and Check Services ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33088 (IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27900 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27899 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitiv ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27898 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidat ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14289 (IBM webMethods Integration Server 12.0 is vulnerable to HTML injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13959 (The Filestack plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13691 (IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13689 (IBM DataStage on Cloud Pak for Data could allow an authenticated user ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13333 (IBM WebSphere Application Server 9.0, and 8.5 could provide weaker tha ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12356 (The Tickera \u2013 Sell Tickets & Manage Events plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12122 (The Popup Box \u2013 Easily Create WordPress Popups plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12075 (The Order Splitter for WooCommerce plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12074 (The Context Blog theme for WordPress is vulnerable to Information Expo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12071 (The Frontend User Notes plugin for WordPress is vulnerable to Insecure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12037 (The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11737 (The VK All in One Expansion Unit plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38005 (IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-2630 (A Command Injection vulnerability exists where an authenticated, remot ...)
NOT-FOR-US: Tenable
CVE-2026-2620 (A weakness has been identified in Huace Monitoring and Early Warning S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2341edcd78a36b96b3da9195c9639f380e434424
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2341edcd78a36b96b3da9195c9639f380e434424
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260218/61343f69/attachment.htm>
More information about the debian-security-tracker-commits
mailing list