[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Wed, 04 Mar 2026 12:14:25 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2d24365e by security tracker role at 2026-03-04T20:14:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,17 +21,17 @@ CVE-2026-3536 (Integer overflow in ANGLE in Google Chrome 
prior to 145.0.7632.15
 CVE-2026-3520 (Multer is a node.js middleware for handling 
`multipart/form-data`. A v ...)
        TODO: check
 CVE-2026-3439 (A post-authentication Stack-based Buffer Overflow vulnerability 
in Son ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-3125 (A Server-Side Request Forgery (SSRF) vulnerability was 
identified in t ...)
        TODO: check
 CVE-2026-3103 (A logic error in the remove_password() function in Checkmk 
GmbH's Chec ...)
        TODO: check
 CVE-2026-3094 (Delta Electronics CNCSoft-G2lacks proper validation of the 
user-suppli ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2026-3058 (The Seraphinite Accelerator plugin for WordPress is vulnerable 
to Sens ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-3056 (The Seraphinite Accelerator plugin for WordPress is vulnerable 
to unau ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2748 (SEPPmail Secure Email Gateway before version 15.0.1 improperly 
validat ...)
        TODO: check
 CVE-2026-2747 (SEPPmail Secure Email Gateway before version 15.0.1 decrypts 
inline PG ...)
@@ -39,7 +39,7 @@ CVE-2026-2747 (SEPPmail Secure Email Gateway before version 
15.0.1 decrypts inli
 CVE-2026-2746 (SEPPmail Secure Email Gateway before version 15.0.1 does not 
properly  ...)
        TODO: check
 CVE-2026-2355 (The My Calendar \u2013 Accessible Event Manager plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-29120 (The /root/anaconda-ks.cfg installation configuration file in 
Internati ...)
        TODO: check
 CVE-2026-29119 (International Datacasting Corporation (IDC) SFX Series 
SuperFlex(SFX21 ...)
@@ -79,7 +79,7 @@ CVE-2026-27442 (The GINA web interface in SEPPmail Secure 
Email Gateway before v
 CVE-2026-27441 (SEPPmail Secure Email Gateway before version 15.0.1 
insufficiently neu ...)
        TODO: check
 CVE-2026-26949 (Dell Device Management Agent (DDMA), versions prior to 26.02, 
contain  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-26673 (An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 
0.1.00.050 ...)
        TODO: check
 CVE-2026-26514 (An Argument Injection vulnerability exists in bird-lg-go 
before commit ...)
@@ -87,41 +87,41 @@ CVE-2026-26514 (An Argument Injection vulnerability exists 
in bird-lg-go before
 CVE-2026-26478 (A shell command injection vulnerability in Mobvoi Tichome Mini 
smart s ...)
        TODO: check
 CVE-2026-25907 (Dell PowerScale OneFS, version 9.13.0.0, contains an overly 
restrictiv ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-24732 (Files or Directories Accessible to External Parties, Incorrect 
Permiss ...)
        TODO: check
 CVE-2026-23812 (A vulnerability has been identified where an attacker 
connecting to an ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-23811 (A vulnerability in the client isolation mechanism may allow an 
attacke ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-23810 (A vulnerability in the packet processing logic may allow an 
authentica ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-23809 (A technique has been identified that adapts a known 
port-stealing meth ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-23808 (A vulnerability has been identified in a standardized wireless 
roaming ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-23601 (A vulnerability has been identified in the wireless encryption 
handlin ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2026-22760 (Dell Device Management Agent (DDMA), versions prior to 26.02, 
contain  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-22285 (Dell Device Management Agent (DDMA), versions prior to 26.02, 
contain  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-22270 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21426 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21425 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21424 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21423 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21422 (Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and 
versions ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-21421 (Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-20149 (A vulnerability in Cisco Webex could have allowed an 
unauthenticated,  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20131 (A vulnerability in the web-based management interface of Cisco 
Secure  ...)
        TODO: check
 CVE-2026-20106 (A vulnerability in the Remote Access SSL VPN, HTTP management 
and MUS  ...)
@@ -155,9 +155,9 @@ CVE-2026-20066 (Multiple Cisco products are affected by a 
vulnerability in the S
 CVE-2026-20065 (Multiple Cisco products are affected by a vulnerability in the 
Snort 3 ...)
        TODO: check
 CVE-2026-20064 (A vulnerability in of Cisco Secure Firewall Threat Defense 
(FTD) Softw ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20063 (A vulnerability in the CLI of Cisco Secure FTD Software could 
allow an ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20062 (A vulnerability in the CLI of Cisco Secure Firewall Adaptive 
Security  ...)
        TODO: check
 CVE-2026-20058 (Multiple Cisco products are affected by vulnerabilities in the 
Snort 3 ...)
@@ -169,9 +169,9 @@ CVE-2026-20054 (Multiple Cisco products are affected by a 
vulnerability in the S
 CVE-2026-20053 (Multiple Cisco products are affected by a vulnerability in the 
Snort 3 ...)
        TODO: check
 CVE-2026-20052 (A vulnerability in the memory management handling for the 
Snort 3 Dete ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20050 (A vulnerability in the Do Not Decrypt exclusion feature of the 
SSL dec ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20049 (A vulnerability in the processing of Galois/Counter Mode 
(GCM)-encrypt ...)
        TODO: check
 CVE-2026-20044 (A vulnerability in the lockdown mechanism of Cisco Secure 
Firewall Man ...)
@@ -195,9 +195,9 @@ CVE-2026-20020 (A vulnerability in the OSPF protocol of 
Cisco Secure Firewall AS
 CVE-2026-20018 (A vulnerability in the sftunnel functionality of Cisco Secure 
Firewall ...)
        TODO: check
 CVE-2026-20017 (A vulnerability in the CLI of Cisco Secure FTD Software could 
allow an ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20016 (A vulnerability in the Cisco FXOS Software CLI feature for 
Cisco Secur ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20015 (A vulnerability in the IKEv2 feature of Cisco Secure Firewall 
ASA Soft ...)
        TODO: check
 CVE-2026-20014 (A vulnerability in the IKEv2 feature of Cisco Secure Firewall 
ASA Soft ...)
@@ -209,9 +209,9 @@ CVE-2026-20009 (A vulnerability in the implementation of 
the proprietary SSH sta
 CVE-2026-20008 (A vulnerability in a small subset of CLI commands that are 
used on Cis ...)
        TODO: check
 CVE-2026-20007 (A vulnerability in the Snort 2 and Snort 3 deep packet 
inspection of C ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20006 (A vulnerability in the TLS cryptography functionality of the 
Snort 3 D ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20005 (Multiple Cisco products are affected by a vulnerability in the 
Snort 3 ...)
        TODO: check
 CVE-2026-20003 (A vulnerability in the REST API of Cisco Secure FMC Software 
could all ...)
@@ -221,11 +221,11 @@ CVE-2026-20002 (A vulnerability in the web-based 
management interface of Cisco S
 CVE-2026-20001 (A vulnerability in the REST API of Cisco Secure FMC Software 
could all ...)
        TODO: check
 CVE-2026-1706 (The All-in-One Video Gallery plugin for WordPress is vulnerable 
to Ref ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1674 (The Gutena Forms \u2013 Contact Form, Survey Form, Feedback 
Form, Book ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1236 (The Envira Gallery for WordPress plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0847 (A vulnerability in NLTK versions up to and including 3.9.2 
allows arbi ...)
        TODO: check
 CVE-2025-70342 (erase-install prior to v40.4 commit 2c31239 writes swiftDialog 
credent ...)
@@ -233,15 +233,15 @@ CVE-2025-70342 (erase-install prior to v40.4 commit 
2c31239 writes swiftDialog c
 CVE-2025-70341 (Insecure permissions in App-Auto-Patch v3.4.2 create a race 
condition  ...)
        TODO: check
 CVE-2025-70226 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 
via the cu ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-70223 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 
via the cu ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-70220 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 
via the cu ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-70219 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 
via the go ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-70218 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 
via POST t ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-69969 (A lack of authentication and authorization mechanisms in the 
Bluetooth ...)
        TODO: check
 CVE-2025-66944 (SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and 
before  ...)
@@ -273,7 +273,7 @@ CVE-2025-15558 (Docker CLI for Windows searches for plugin 
binaries in C:\Progra
 CVE-2025-12801 (A vulnerability was recently discovered in the rpc.mountd 
daemon in th ...)
        TODO: check
 CVE-2023-7337 (The JS Help Desk \u2013 AI-Powered Support & Ticketing System 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2019-25507 (Ashop Shopping Cart Software contains an SQL injection 
vulnerability t ...)
        TODO: check
 CVE-2019-25506 (FreeSMS 2.1.2 contains a boolean-based blind SQL injection 
vulnerabili ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d24365e2c6fc098996c77690c3608b26f94d5fe

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d24365e2c6fc098996c77690c3608b26f94d5fe
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to