[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 16 08:13:22 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d6763ed4 by security tracker role at 2026-01-16T08:13:15+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,35 +21,35 @@ CVE-2026-22863 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. Befor
 CVE-2026-22045 (Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 a ...)
 	TODO: check
 CVE-2026-21921 (A Use After Free vulnerability in the chassis daemon (chassisd) of Jun ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21920 (An Unchecked Return Value vulnerability in the DNS module of Juniper N ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21918 (A Double Free vulnerability in the flow processing daemon (flowd) of J ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21917 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21914 (An Improper Locking vulnerability in the GTP plugin of Juniper Network ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21913 (An Incorrect Initialization of Resource vulnerability in the Internal  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21912 (A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in t ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21911 (An Incorrect Calculation vulnerability in the Layer 2 Control  Protoco ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21910 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21909 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21908 (A Use After Free vulnerability was identified in the 802.1X authentica ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21907 (A Use of a Broken or Risky Cryptographic Algorithm vulnerability in th ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21906 (An Improper Handling of Exceptional Conditions vulnerability in the pa ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21905 (A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-21903 (A Stack-based Buffer Overflow vulnerability in the Packet Forwarding E ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2026-1023 (Statistics Database System developed by Gotac has a Missing Authentica ...)
 	TODO: check
 CVE-2026-1022 (Statistics Database System developed by Gotac has an Arbitrary File Re ...)
@@ -73,31 +73,31 @@ CVE-2026-1009 (A stored cross-site scripting (XSS) vulnerability exists in the A
 CVE-2026-1008 (A stored cross-site scripting (XSS) vulnerability exists in the user p ...)
 	TODO: check
 CVE-2026-1003 (The GetGenie plugin for WordPress is vulnerable to authorization bypas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1002 (The Vert.x Web static handler component cache can be manipulated to de ...)
 	TODO: check
 CVE-2026-1000 (The MailerLite - WooCommerce integration plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0975 (Delta Electronics DIAView has Command Injection vulnerability.)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2026-0942 (The Rede Ita\xfa for WooCommerce \u2014 Payment PIX, Credit Card and D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0939 (The Rede Ita\xfa for WooCommerce plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0916 (The Related Posts by Taxonomy plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0915 (Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf ...)
 	TODO: check
 CVE-2026-0858 (Versions of the package net.sourceforge.plantuml:plantuml before 1.202 ...)
 	TODO: check
 CVE-2026-0203 (An Improper Handling of Exceptional Conditions vulnerability in packet ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-70893 (A time-based blind SQL Injection vulnerability exists in PHPGurukul Cy ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-70892 (Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-70891 (A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-70890 (A stored cross-site scripting (XSS) vulnerability exists in Cyber Cafe ...)
 	TODO: check
 CVE-2025-68671 (lakeFS is an open-source tool that transforms object storage into a Gi ...)
@@ -121,61 +121,61 @@ CVE-2025-64729 (The vulnerability, if exploited, could allow an authenticated mi
 CVE-2025-64691 (The vulnerability, if exploited, could allow an authenticated miscrean ...)
 	TODO: check
 CVE-2025-62582 (Delta Electronics DIAView has multiple vulnerabilities.)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-62581 (Delta Electronics DIAView has multiple vulnerabilities.)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-61943 (The vulnerability, if exploited, could allow an authenticated miscrean ...)
 	TODO: check
 CVE-2025-61937 (The vulnerability, if exploited, could allow an unauthenticated  miscr ...)
 	TODO: check
 CVE-2025-60011 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-60007 (A NULL Pointer Dereference vulnerability in the chassis daemon (chassi ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-60003 (A Buffer Over-read vulnerability in the routing protocol daemon (rpd)  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-59961 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-59960 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-59959 (An Untrusted Pointer Dereference vulnerability in the routing protocol ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-52987 (A clickjacking vulnerability exists in the web portal of Juniper Netwo ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2025-15527 (The WP Recipe Maker plugin for WordPress is vulnerable to Information  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-15526 (The Fancy Product Designer plugin for WordPress is vulnerable to Full  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-15370 (The Shield: Blocks Bots, Protects Users, and Prevents Security Breache ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14982 (The Booking Calendar plugin for WordPress is vulnerable to Missing Aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14853 (The LEAV Last Email Address Validator plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14793 (The DK PDF \u2013 WordPress PDF Generator plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14384 (The All in One SEO \u2013 Powerful SEO Plugin to Boost SEO Rankings &  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14375 (The RSS Aggregator \u2013 RSS Import, News Feeds, Feed to Post, and Au ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14237 (Buffer overflow in XPS font parse processing on Small Office Multifunc ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14236 (Buffer overflow in Address Book attribute tag processing on Small Offi ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14235 (Buffer overflow in XPS font fpgm data processing on Small Office Multi ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14234 (Buffer overflow in CPCA list processing on Small Office Multifunction  ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14233 (Invalid free in CPCA file deletion processing on Small Office Multifun ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14232 (Buffer overflow in XML processing of XPS file in Small Office Multifun ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-14231 (Buffer overflow in print job processing by WSD on Small Office Multifu ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-12957 (The All-in-One Video Gallery plugin for WordPress is vulnerable to arb ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12641 (The Awesome Support - WordPress HelpDesk & Support Plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7334 (Changjetong T+ versions up to and including 16.x contain a .NET deseri ...)
 	TODO: check
 CVE-2021-47815 (Nsauditor 3.2.3 contains a denial of service vulnerability in the regi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6763ed4dee683f15db1ad3f4e7f12f755d283af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6763ed4dee683f15db1ad3f4e7f12f755d283af
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260116/45abe1cf/attachment.htm>

More information about the debian-security-tracker-commits mailing list