[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 25 20:14:27 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bbc186e8 by security tracker role at 2026-02-25T20:14:18+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2026-3221 (Sensitive user account information is not encrypted in the database i ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-3206 (Improper Resource Shutdown or Release vulnerability in KrakenD, SLU Kr ...)
TODO: check
CVE-2026-3203 (RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and ...)
@@ -27,33 +27,33 @@ CVE-2026-3186 (A vulnerability was determined in feiyuchuixue sz-boot-parent up
CVE-2026-3185 (A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-b ...)
TODO: check
CVE-2026-3171 (A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-3118 (A security flaw was identified in the Orchestrator Plugin of Red Hat D ...)
TODO: check
CVE-2026-2878 (In Progress\xae Telerik\xae UI for AJAX, versions prior to 2026.1.225, ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2026-2636 (This vulnerability is caused by a CWE\u2011159: "Improper Handling of ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2026-2624 (Missing Authentication for Critical Function vulnerability in ePati Cy ...)
TODO: check
CVE-2026-2479 (The Responsive Lightbox & Gallery plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2416 (The Geo Mashup plugin for WordPress is vulnerable to SQL Injection via ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2410 (The Disable Admin Notices \u2013 Hide Dashboard Notifications plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2367 (The Secure Copy Content Protection and Content Locking plugin for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2301 (The Post Duplicator plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-28196 (In JetBrains TeamCity before 2025.11.3 disabling versioned settings le ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-28195 (In JetBrains TeamCity before 2025.11.3 missing authorization allowed p ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-28194 (In JetBrains TeamCity before 2025.11.3 open redirect was possible in t ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-28193 (In JetBrains YouTrack before 2025.3.121962 apps were able to send requ ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-27850 (Due to an improperly configured firewall rule, the router will accept ...)
TODO: check
CVE-2026-27849 (Due to missing neutralization of special elements, OS commands can be ...)
@@ -107,39 +107,39 @@ CVE-2026-26104 (A flaw was found in the udisks storage management daemon that al
CVE-2026-26103 (A flaw was found in the udisks storage management daemon that exposes ...)
TODO: check
CVE-2026-25930 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25929 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25927 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25746 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25743 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25701 (An Insecure Temporary File vulnerability in openSUSE sdbootutil allows ...)
TODO: check
CVE-2026-25554 (OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt module (pri ...)
TODO: check
CVE-2026-25476 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25220 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25164 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-25138 (Rucio is a software framework that provides functionality to organize, ...)
TODO: check
CVE-2026-25136 (Rucio is a software framework that provides functionality to organize, ...)
TODO: check
CVE-2026-24908 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-24890 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-24487 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-24005 (Kruise provides automated management of large-scale applications on Ku ...)
TODO: check
CVE-2026-23627 (OpenEMR is a free and open source electronic health records and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-22866 (Ethereum Name Service (ENS) is a distributed, open, and extensible nam ...)
TODO: check
CVE-2026-22720 (VMware Aria Operations contains a stored cross-site scripting vulnerab ...)
@@ -147,21 +147,21 @@ CVE-2026-22720 (VMware Aria Operations contains a stored cross-site scripting vu
CVE-2026-22719 (VMware Aria Operations contains a command injection vulnerability. A m ...)
TODO: check
CVE-2026-21902 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2026-21725 (A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently d ...)
TODO: check
CVE-2026-20133 (A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauth ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20129 (A vulnerability in the API user authentication of Cisco Catalyst SD-WA ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20128 (A vulnerability in the Data Collection Agent (DCA) feature of Cisco Ca ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20127 (A vulnerability in the peering authentication in Cisco Catalyst SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20126 (A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authen ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20122 (A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20107 (A vulnerability in the Object Model CLI component of Cisco Application ...)
TODO: check
CVE-2026-20099 (A vulnerability in the web-based management interface of Cisco FXOS So ...)
@@ -169,29 +169,29 @@ CVE-2026-20099 (A vulnerability in the web-based management interface of Cisco F
CVE-2026-20091 (A vulnerability in the web-based management interface of Cisco FXOS So ...)
TODO: check
CVE-2026-20051 (A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet pr ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20048 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
TODO: check
CVE-2026-20037 (A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20036 (A vulnerability in the CLI and web-based management interface of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20033 (A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode ...)
TODO: check
CVE-2026-20010 (A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of ...)
TODO: check
CVE-2026-1929 (The Advanced Woo Labels plugin for WordPress is vulnerable to Remote C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1916 (The WPGSI: Spreadsheet Integration plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0704 (In affected version of Octopus Deploy it was possible to remove files ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2025-69771 (An arbitrary file upload vulnerability in the subtitle loading functio ...)
TODO: check
CVE-2025-67860 (A vulnerability has been identified in the NeuVector scanner where the ...)
TODO: check
CVE-2025-67601 (A vulnerability has been identified within Rancher Manager, where usin ...)
- TODO: check
+ NOT-FOR-US: SUSE
CVE-2025-62878 (A malicious user can manipulate the parameters.pathPatternto create Pe ...)
TODO: check
CVE-2025-50180 (esm.sh is a no-build content delivery network (CDN) for web developmen ...)
@@ -201,7 +201,7 @@ CVE-2025-3525 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
CVE-2025-1242 (The administrative credentials can be extracted through application AP ...)
TODO: check
CVE-2025-14742 (The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14103 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
TODO: check
CVE-2026-27015
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbc186e833d3405d4b59cb0025ceaeeaea4dc154
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbc186e833d3405d4b59cb0025ceaeeaea4dc154
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260225/480ed04e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list