[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 28 08:13:57 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c3174c3 by security tracker role at 2026-02-28T08:13:50+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-2647
 	REJECTED
 CVE-2026-2471 (The WP Mail Logging plugin for WordPress is vulnerable to PHP Object I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-28517 (openDCIM version 23.04, through commit 4467e9c4, contains an OS comman ...)
 	TODO: check
 CVE-2026-28516 (openDCIM version 23.04, through commit 4467e9c4, contains a SQL inject ...)
@@ -31,11 +31,11 @@ CVE-2026-28415 (Gradio is an open-source Python package designed for quick proto
 CVE-2026-28414 (Gradio is an open-source Python package designed for quick prototyping ...)
 	TODO: check
 CVE-2026-28411 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2026-28409 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2026-28408 (WeGIA is a web manager for charitable institutions. Prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2026-28407 (malcontent is software for discovering supply-chain compromises throug ...)
 	TODO: check
 CVE-2026-28406 (kaniko is a tool to build container images from a Dockerfile, inside a ...)
@@ -71,9 +71,9 @@ CVE-2026-27759 (Featured Image from Content (featured-image-from-content) WordPr
 CVE-2026-27167 (Gradio is an open-source Python package designed for quick prototyping ...)
 	TODO: check
 CVE-2026-1542 (The Super Stage WP WordPress plugin through 1.0.1 unserializes user in ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13673 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-28418 (Vim is an open source, command line text editor. Prior to version 9.2. ...)
 	- vim <unfixed>
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-h4mf-vg97-hj8j



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c3174c31ee228bff66830e36e84e702fa6ba78b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c3174c31ee228bff66830e36e84e702fa6ba78b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260228/53bb1502/attachment.htm>

More information about the debian-security-tracker-commits mailing list