[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 28 08:13:53 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
406ef109 by security tracker role at 2026-05-28T07:13:47+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,17 +27,17 @@ CVE-2026-9739 (Vulnerable to DNS rebinding attacks when using SSE (http://b/4994
 CVE-2026-9673 (Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are v ...)
 	TODO: check
 CVE-2026-9644 (The LiveSmart Video Chat Live Video Chat plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-9241 (The FOX \u2013 Currency Switcher Professional for WooCommerce plugin f ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-9228 (The Timetable and Event Schedule by MotoPress plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-9208 (Tanium addressed an unauthorized code execution vulnerability in Conne ...)
-	TODO: check
+	NOT-FOR-US: Tanium
 CVE-2026-9009 (The Crawlomatic Multipage Scraper Post Generator plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-8915 (Out-of-bounds write vulnerability in Samsung Open Source Escargot allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2026-8364 (Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentSer ...)
 	TODO: check
 CVE-2026-8363 (A stack-based buffer overflow condition exists in WOSDeviceDropFolder. ...)
@@ -51,13 +51,13 @@ CVE-2026-8360 (Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface(
 CVE-2026-8359 (When processing a request with a URL path starting with /status or /sy ...)
 	TODO: check
 CVE-2026-7802 (The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-7533 (The Easy Digital Downloads plugin for WordPress is vulnerable to Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5737 (The Independent Analytics plugin for WordPress is vulnerable to Server ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4888 (The Everest Forms \u2013 Contact Form, Payment Form, Quiz, Survey & Cu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-49009 (Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4. ...)
 	TODO: check
 CVE-2026-48792 (pam_usb provides hardware authentication for Linux using ordinary remo ...)
@@ -141,7 +141,7 @@ CVE-2026-42877 (FacturaScripts is an open source accounting and invoicing softwa
 CVE-2026-42197 (RELATE is a web-based courseware package. Versions prior to commit 555 ...)
 	TODO: check
 CVE-2026-3173 (The Meta Field Block plugin for WordPress is vulnerable to Insecure Di ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-33552 (Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Acce ...)
 	TODO: check
 CVE-2026-32999 (Insufficient character filtering in backup agent signing module on Com ...)
@@ -155,9 +155,9 @@ CVE-2026-32996 (This vulnerability in Veeam Agent for Microsoft Windows allows f
 CVE-2026-32995 (The Rocket.Chat DDP method autoTranslate.translateMessage in versions  ...)
 	TODO: check
 CVE-2026-2374 (The Login No Captcha reCAPTCHA plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-21785 (A misconfigured Content Security Policy (CSP) in HCL BigFix Remote Con ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2026-48095
 	- 7zip 26.01+dfsg-1
 	- p7zip 16.02+transitional.1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/406ef109f036440eebdfd72648aaf077035a23f4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/406ef109f036440eebdfd72648aaf077035a23f4
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260528/216edb23/attachment.htm>

More information about the debian-security-tracker-commits mailing list