[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Tue Jan 20 08:14:06 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7945d55d by security tracker role at 2026-01-20T08:13:58+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83,33 +83,33 @@ CVE-2026-1178 (A security vulnerability has been detected in Yonyou KSOA 9.0. Af
 CVE-2026-1177 (A weakness has been identified in Yonyou KSOA 9.0. Affected by this vu ...)
 	TODO: check
 CVE-2026-1176 (A security flaw has been discovered in itsourcecode School Management  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-1175 (A vulnerability was identified in birkir prime up to 0.4.0.beta.0. Thi ...)
 	TODO: check
 CVE-2026-1051 (The Newsletter \u2013 Send awesome emails from WordPress plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1045 (The Viet contact plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1042 (The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0895 (The extension extends TYPO3\u2019 FileSpool component, which was vulne ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 (core or extensions)
 CVE-2025-66523 (URL parameters are directly embedded into JavaScript code or HTML attr ...)
 	TODO: check
 CVE-2025-15466 (The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14978 (The PeachPay \u2014 Payments & Express Checkout for WooCommerce (suppo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14977 (The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution \u2 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14798 (The LearnPress \u2013 WordPress LMS Plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14351 (The Custom Fonts \u2013 Host Your Fonts Locally plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14348 (The weMail - Email Marketing, Lead Generation, Optin Forms, Email News ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12573 (The Bookingor  WordPress plugin through 1.0.12 exposes authenticated A ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-23878 (HotCRP is conference review software. Starting in commit aa20ef288828b ...)
 	NOT-FOR-US: HotCRP
 CVE-2026-23852 (SiYuan is a personal knowledge management system. Versions prior to 3. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7945d55d862ff1aa7d34b1c6f40eecfe518ec738

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7945d55d862ff1aa7d34b1c6f40eecfe518ec738
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260120/fe788882/attachment.htm>
