[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 27 20:14:27 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77471908 by security tracker role at 2026-01-27T20:14:20+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2026-24869 (Use-after-free in the Layout: Scrolling and Overflow component.
 CVE-2026-24868 (Mitigation bypass in the Privacy: Anti-Tracking component. This vulner ...)
 	TODO: check
 CVE-2026-24858 (An Authentication Bypass Using an Alternate Path or Channel vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2026-24832 (Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This i ...)
 	TODO: check
 CVE-2026-24831 (Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability i ...)
@@ -123,9 +123,9 @@ CVE-2026-23892 (OctoPrint provides a web interface for controlling consumer 3D p
 CVE-2026-23881 (Kyverno is a policy engine designed for cloud native platform engineer ...)
 	TODO: check
 CVE-2026-23593 (A vulnerability in the web-based management interface of HPE Aruba Net ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric Composer\xe2\u ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2026-22264 (Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3  ...)
 	TODO: check
 CVE-2026-22263 (Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0 ...)
@@ -147,7 +147,7 @@ CVE-2026-21721 (The dashboard permissions API does not verify the target dashboa
 CVE-2026-21720 (Every uncached /avatar/:hash request spawns a goroutine that refreshes ...)
 	TODO: check
 CVE-2026-21417 (Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contai ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2026-1489 (A flaw was found in GLib. An integer overflow vulnerability in its Uni ...)
 	TODO: check
 CVE-2026-1485 (A flaw was found in Glib's content type parsing logic. This buffer und ...)
@@ -195,21 +195,21 @@ CVE-2026-0919 (The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly
 CVE-2026-0918 (The Tapo C220 v1 and C520WS v2 cameras\u2019 HTTP service does not saf ...)
 	TODO: check
 CVE-2026-0746 (The AI Engine plugin for WordPress is vulnerable to Server-Side Reques ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0705 (Local privilege escalation due to insecure folder permissions. The fol ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2026-0648 (The vulnerability stems from an incorrect error-checking logic in the  ...)
 	TODO: check
 CVE-2025-69565 (code-projects Mobile Shop Management System 1.0 is vulnerable to File  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-69564 (code-projects Mobile Shop Management System 1.0 is vulnerable to SQL I ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-69563 (code-projects Mobile Shop Management System 1.0 is vulnerable to SQL I ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-69562 (code-projects Mobile Shop Management System 1.0 is vulnerable to SQL I ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-69559 (code-projects Computer Book Store 1.0 is vulnerable to File Upload in  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-68670 (xrdp is an open source RDP server. xrdp before v0.10.5 contains an una ...)
 	TODO: check
 CVE-2025-65264 (The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7747190868ceccfcb43acfe73e54c18c7abe158e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7747190868ceccfcb43acfe73e54c18c7abe158e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/fec9b855/attachment.htm>

More information about the debian-security-tracker-commits mailing list