[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 30 20:14:07 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
626b4429 by security tracker role at 2026-01-30T20:14:01+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,27 +3,27 @@ CVE-2026-25128 (fast-xml-parser allows users to validate XML, parse XML to JS ob
CVE-2026-25050 (Vendure is an open-source headless commerce platform. Prior to version ...)
TODO: check
CVE-2026-24855 (ChurchCRM is an open-source church management system. Versions prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-24854 (ChurchCRM is an open-source church management system. A SQL Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-23835 (LobeHub is an open source human-and-AI-agent network. Prior to version ...)
TODO: check
CVE-2026-22626 (Due to insufficient input parameter validation on the interface, authe ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22625 (Improper handling of filenames in certain HIKSEMI NAS products may lea ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22624 (Due to inadequate access control, authenticated users of certain HIKSE ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22623 (Due to insufficient input parameter validation on the interface, authe ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22277 (Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutra ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21418 (Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutral ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-1702 (A vulnerability was detected in SourceCodester Pet Grooming Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-1701 (A security vulnerability has been detected in itsourcecode Student Man ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-1700 (A weakness has been identified in projectworlds House Rental and Prope ...)
TODO: check
CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions workflow . ...)
@@ -31,17 +31,17 @@ CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions workf
CVE-2026-1691 (A vulnerability has been found in bolo-solo up to 2.6.4. This impacts ...)
TODO: check
CVE-2026-1690 (A flaw has been found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpo ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1689 (A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1688 (A security vulnerability has been detected in itsourcecode Directory M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-1687 (A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_3000011 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1686 (A security flaw has been discovered in Totolink A3600R 5.9c.4959. This ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1685 (A vulnerability was identified in D-Link DIR-823X 250416. This vulnera ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-1684 (A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this ...)
TODO: check
CVE-2026-1683 (A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by ...)
@@ -49,15 +49,15 @@ CVE-2026-1683 (A vulnerability has been found in Free5GC SMF up to 4.1.0. Affect
CVE-2026-1682 (A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the func ...)
TODO: check
CVE-2026-1498 (An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a ...)
- TODO: check
+ NOT-FOR-US: WatchGuard
CVE-2026-0709 (Some Hikvision Wireless Access Points are vulnerable to authenticated ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2025-9226 (Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils version ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2025-7964 (After receiving a malformed 802.15.4 MAC Data Request the Zigbee C ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-6723 (Chef InSpec up to version 5.23 creates named pipes with overly permiss ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-69662 (SQL injection vulnerability in geopandas before v.1.1.2 allows an atta ...)
TODO: check
CVE-2025-62349 (Salt contains an authentication protocol version downgrade weakness th ...)
@@ -69,13 +69,13 @@ CVE-2025-51958 (aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows u
CVE-2025-4686 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-26385 (Johnson Controls Metasys component listed below have Improper Neutral ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-1395 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
TODO: check
CVE-2025-13176 (Planting a custom configuration file in ESET Inspect Connectorallow ...)
TODO: check
CVE-2024-9432 (Cleartext Storage of Sensitive Information vulnerability in OpenText\u ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2024-4027 (A flaw was found in Undertow. Servlets using a method that calls HttpS ...)
TODO: check
CVE-2020-37060 (Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerabi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/626b4429fe7887b93917346457d28b2fe1ce7d76
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/626b4429fe7887b93917346457d28b2fe1ce7d76
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260130/686961a8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list