[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jan 23 20:24:34 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5a4a184 by Moritz Muehlenhoff at 2026-01-23T21:24:17+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,7 +191,7 @@ CVE-2026-24522 (Missing Authorization vulnerability in MyThemeShop WP Subscribe
 CVE-2026-24521 (Cross-Site Request Forgery (CSRF) vulnerability in Timur Kamaev Kama T ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24423 (SmarterTools SmarterMail versions prior to build 9511 contain an unaut ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2026-22276 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2026-22275 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versi ...)
@@ -205,9 +205,9 @@ CVE-2026-22271 (Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale
 CVE-2026-21867
 	REJECTED
 CVE-2026-1364 (IAQS and I6 developed by JNC has a Missing Authentication vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: IAQS / I6
 CVE-2026-1363 (IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-S ...)
-	TODO: check
+	NOT-FOR-US: IAQS / I6
 CVE-2026-1299 (The  email module, specifically the "BytesGenerator" class, didn\u2019 ...)
 	TODO: check
 CVE-2026-0994 (A denial-of-service (DoS) vulnerability exists in google.protobuf.json ...)
@@ -237,9 +237,9 @@ CVE-2025-67125 (A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::mat
 CVE-2025-67124 (A TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finaliz ...)
 	TODO: check
 CVE-2025-66720 (Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/pro ...)
-	TODO: check
+	NOT-FOR-US: Free5GC
 CVE-2025-66719 (An issue was discovered in Free5gc NRF 1.4.0. In the access-token gene ...)
-	TODO: check
+	NOT-FOR-US: Free5GC
 CVE-2025-4320 (Authentication Bypass by Primary Weakness, Weak Password Recovery Mech ...)
 	TODO: check
 CVE-2025-4319 (Improper Restriction of Excessive Authentication Attempts, Weak Passwo ...)
@@ -255,21 +255,21 @@ CVE-2025-14866 (The Melapress Role Editor plugin for WordPress is vulnerable to
 CVE-2025-13921 (The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-47906 (BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: BloofoxCMS
 CVE-2021-47905 (MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnera ...)
 	NOT-FOR-US: MyBB
 CVE-2021-47904 (PhreeBooks 5.2.3 contains an authenticated file upload vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: PhreeBooks
 CVE-2021-47903 (LiteSpeed Web Server Enterprise 5.4.11 contains an authenticated comma ...)
-	TODO: check
+	NOT-FOR-US: LiteSpeed Web Server Enterprise
 CVE-2021-47899 (YetiShare File Hosting Script 5.1.0 contains a server-side request for ...)
-	TODO: check
+	NOT-FOR-US: YetiShare File Hosting
 CVE-2021-47898 (Epson USB Display 1.6.0.0 contains an unquoted service path vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Epson
 CVE-2021-47897 (PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: PEEL Shopping
 CVE-2021-47896 (PDF Complete Corporate Edition 4.1.45 contains an unquoted service pat ...)
-	TODO: check
+	NOT-FOR-US: PDF Complete Corporate Edition
 CVE-2021-47895 (Nsauditor 3.2.2.0 contains a denial of service vulnerability that allo ...)
 	TODO: check
 CVE-2021-47894 (Managed Switch Port Mapping Tool 2.85.2 contains a denial of service v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5a4a1845255099652e9cf38001bd6628f7ad807

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5a4a1845255099652e9cf38001bd6628f7ad807
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260123/2c6fce6d/attachment.htm>

More information about the debian-security-tracker-commits mailing list