[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Thu Jan 1 20:13:55 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
977b498c by security tracker role at 2026-01-01T20:13:45+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2026-21436 (eopkg is a Solus package manager implemented in python3. In vers
 CVE-2026-21428 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-0544 (A security flaw has been discovered in itsourcecode School Management  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-69203 (Signal K Server is a server application that runs on a central hub in  ...)
 	TODO: check
 CVE-2025-68620 (Signal K Server is a server application that runs on a central hub in  ...)
@@ -23,31 +23,31 @@ CVE-2025-66023 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Plat
 CVE-2025-55065 (CWE-89 Improper Neutralization of Special Elements used in an SQL Comm ...)
 	TODO: check
 CVE-2025-48769 (Use After Free vulnerability was discovered in fs/vfs/fs_rename code o ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-48768 (Release of Invalid Pointer or Reference vulnerability was discovered i ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-47411 (A user with a legitimate non-administrator account can exploit a vulne ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-15411 (A weakness has been identified in WebAssembly wabt up to 1.0.39. This  ...)
 	TODO: check
 CVE-2025-15410 (A vulnerability was identified in code-projects Online Guitar Store 1. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15409 (A vulnerability was determined in code-projects Online Guitar Store 1. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15408 (A vulnerability was found in code-projects Online Guitar Store 1.0. Af ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15407 (A vulnerability has been found in code-projects Online Guitar Store 1. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15406 (A flaw has been found in PHPGurukul Online Course Registration up to 3 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-15405 (A vulnerability was detected in PHPEMS up to 11.0. The impacted elemen ...)
 	TODO: check
 CVE-2025-15404 (A security vulnerability has been detected in campcodes School File Ma ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-14627 (The WP Import \u2013 Ultimate CSV XML Importer for WordPress plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14428 (The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-69413 (In Gitea before 1.25.2, /api/v1/user has different responses for faile ...)
 	- gitea <removed>
 CVE-2025-69412 (KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:fi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/977b498c9b5e42fef6b9daa7b6dbb09b2b8aed98

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/977b498c9b5e42fef6b9daa7b6dbb09b2b8aed98
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260101/4785f3c0/attachment.htm>
