[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
212ad205 by security tracker role at 2026-03-03T08:14:12+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,43 +3,43 @@ CVE-2026-3455 (Versions of the package mailparser before 3.9.3 are vulnerable to
 CVE-2026-3449 (Versions of the package @tootallnate/once before 3.0.1 are vulnerable  ...)
 	TODO: check
 CVE-2026-3338 (Improper signature validation in PKCS7_verify() in AWS-LC allows an un ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2026-3337 (Observable timing discrepancy in AES-CCM decryption in AWS-LC allows a ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2026-3336 (Improper certificate validation in PKCS7_verify() in AWS-LC allows an  ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2026-2628 (The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-2583 (The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-2448 (The Page Builder by SiteOrigin plugin for WordPress is vulnerable to L ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-2269 (The Uncanny Automator \u2013 Easy Automation, Integration, Webhooks &  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-2256 (A command injection vulnerability in ModelScope's ms-agent versions v1 ...)
 	TODO: check
 CVE-2026-20801 (Cleartext Transmission of Sensitive Information (CWE-319) ina componen ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2026-20757 (Improper Lockingvulnerability (CWE-667) inGallagher Morpho integration ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2026-1876 (Improper Resource Shutdown or Release vulnerability in Mitsubishi Elec ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2026-1875 (Improper Resource Shutdown or Release vulnerability in Mitsubishi Elec ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2026-1874 (Always-Incorrect Control Flow Implementation vulnerability in Mitsubis ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2026-1566 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1492 (The User Registration & Membership \u2013 Custom Registration Form Bui ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1487 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1336 (The AI ChatBot with ChatGPT and Content Generator by AYS plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0754 (An embedded test key and certificate could be extracted from a Poly Vo ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2025-47147 (Cleartext Storage of Sensitive Information (CWE-312) in the Command Ce ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2025-15595 (Privilege escalation via dll hijacking in Inno Setup 6.2.1 and ealier  ...)
 	TODO: check
 CVE-2025-12345 (A security vulnerability has been detected in LLM-Claw 0.1.0/0.1.1/0.1 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/212ad20528ecbac08c5954875d01bc6dfe0af708

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/212ad20528ecbac08c5954875d01bc6dfe0af708
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260303/ba1503cb/attachment-0001.htm>