[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 9 20:14:27 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae35501b by security tracker role at 2026-01-09T20:14:19+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,25 +9,25 @@ CVE-2026-22195 (GestSup versions up to and including 3.2.56 contain a SQL inject
 CVE-2026-22194 (GestSup versions up to and including 3.2.56 contain a cross-site reque ...)
 	TODO: check
 CVE-2026-22082 (This vulnerability exists in Tenda wireless routers (300Mbps Wireless  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-22081 (This vulnerability exists in Tenda wireless routers (300Mbps Wireless  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-22080 (This vulnerability exists in Tenda wireless routers (300Mbps Wireless  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-22079 (This vulnerability exists in Tenda wireless routers (300Mbps Wireless  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-0817 (Missing Authorization vulnerability in Wikimedia Foundation MediaWiki  ...)
 	TODO: check
 CVE-2026-0803 (A vulnerability was found in PHPGurukul Online Course Registration Sys ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2026-0627 (The AMP for WP plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7072 (The firmware in KAON CG3000TCand CG3000T routers contains hard-coded c ...)
 	TODO: check
 CVE-2025-70161 (EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This aris ...)
 	TODO: check
 CVE-2025-69542 (A Command Injection Vulnerability has been discovered in the DHCP daem ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-69426 (The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 (GA ...)
 	TODO: check
 CVE-2025-69425 (The Ruckus vRIoT IoT Controllerfirmware versions prior to 3.0.0.0 (GA) ...)
@@ -49,7 +49,7 @@ CVE-2025-67278 (An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.
 CVE-2025-67133 (An issue in Hero Motocorp Vida V1 Pro 2.0.7 allows a local attacker to ...)
 	TODO: check
 CVE-2025-67070 (A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-67004 (An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin ...)
 	TODO: check
 CVE-2025-66744 (In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the serie ...)
@@ -75,13 +75,13 @@ CVE-2025-64090 (This vulnerability allows authenticated attackers to execute com
 CVE-2025-56225 (fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer de ...)
 	TODO: check
 CVE-2025-46676 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-46645 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-46644 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-46643 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-15496 (A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1.  ...)
 	TODO: check
 CVE-2025-15495 (A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impac ...)
@@ -93,45 +93,45 @@ CVE-2025-15493 (A flaw has been found in RainyGao DocSys up to 2.02.36. The impa
 CVE-2025-15492 (A vulnerability was detected in RainyGao DocSys up to 2.02.36. The aff ...)
 	TODO: check
 CVE-2025-15035 (Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 ( ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-14598 (BeeS Software Solutions BET Portal contains an SQL injection vulnerabi ...)
 	TODO: check
 CVE-2025-14172 (The WP Page Permalink Extension plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13967 (The Woodpecker for WordPress plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13908 (The The Tooltip plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13903 (The PullQuote plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13900 (The WP Popup Magic plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13897 (The Client Testimonial Slider plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13895 (The Top Position Google Finance plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13893 (The Lesson Plan Book plugin for WordPress is vulnerable to Reflected C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13892 (The MG AdvancedOptions plugin for WordPress is vulnerable to Reflected ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13862 (The Menu Card plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13854 (The Curved Text plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13853 (The Nearby Now Reviews plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13852 (The Debt.com Business in a Box plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13729 (The Entry Views plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13717 (The Contact Form vCard Generator plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13704 (The Autogen Headers Menu plugin for WordPress is vulnerable to Stored  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13701 (The Shabat Keeper plugin for WordPress is vulnerable to Reflected Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11453 (The Header and Footer Scripts plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2020-36875 (AccessAlly WordPress plugin versions prior to3.3.2 contain an unauthen ...)
 	TODO: check
 CVE-2025-14459



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae35501b9d21dcf0b21ac17b0abbb5f69d42ab07

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae35501b9d21dcf0b21ac17b0abbb5f69d42ab07
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260109/33c93cea/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list