[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Tue Jan 27 08:13:52 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d486ed78 by security tracker role at 2026-01-27T08:13:45+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2026-23889 (pnpm is a package manager. Prior to version 10.28.1, a path trav
 CVE-2026-23888 (pnpm is a package manager. Prior to version 10.28.1, a path traversal  ...)
 	TODO: check
 CVE-2026-23683 (SAP Fiori App Intercompany Balance Reconciliation does not perform nec ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2026-22709 (vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version  ...)
 	TODO: check
 CVE-2026-22696 (dcap-qvl implements the quote verification logic for DCAP (Data Center ...)
@@ -47,25 +47,25 @@ CVE-2026-21408 (beat-access for Windows version 3.0.3 and prior contains an issu
 CVE-2026-1449 (A flaw has been found in Hisense TransTech Smart Bus Management System ...)
 	TODO: check
 CVE-2026-1448 (A vulnerability was detected in D-Link DIR-615 up to 4.10. This impact ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2026-1445 (A vulnerability was found in iJason-Liu Books_Manager up to 298ba73638 ...)
 	TODO: check
 CVE-2026-1444 (A vulnerability has been found in iJason-Liu Books_Manager up to 298ba ...)
 	TODO: check
 CVE-2026-1443 (A flaw has been found in code-projects Online Music Site 1.0. Affected ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-1361 (ASDA-Soft Stack-based Buffer Overflow Vulnerability)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-59473 (SQL Injection vulnerability in the Structure for Admin authenticated u ...)
 	TODO: check
 CVE-2025-59472 (A denial of service vulnerability exists in Next.js versions with Part ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-59471 (A denial of service vulnerability exists in self-hosted Next.js applic ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-30248 (DLL hijacking in the WD Discovery Installer in Western Digital WD Disc ...)
 	TODO: check
 CVE-2025-14971 (The Link Invoice Payment for WooCommerce plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-24440 (Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0. ...)
 	NOT-FOR-US: Tenda
 CVE-2026-24439 (Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d486ed7806625cb785f88afab5e08a822718fd05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d486ed7806625cb785f88afab5e08a822718fd05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/bbd19f00/attachment.htm>
