[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 8 20:14:43 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1053aa38 by security tracker role at 2026-06-08T19:14:36+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2026-9549 (Stored cross-site scripting in the service discovery active check
 CVE-2026-9506 (This vulnerability exists in Bagisto due to improper validation of use ...)
 	TODO: check
 CVE-2026-8913 (A command Injection vulnerability exists in the WireGuard client confi ...)
-	TODO: check
+	NOT-FOR-US: TPLink
 CVE-2026-8833 (Improper neutralization of HTML-encoded characters in the URL validati ...)
 	TODO: check
 CVE-2026-8078 (Stored cross-site scripting in the global settings change log in Check ...)
@@ -107,21 +107,21 @@ CVE-2026-41722 (VMware Cloud Foundation Operations contains multiple stored cros
 CVE-2026-41448 (AdGuard Home, when started with the --glinet flag, contains an authent ...)
 	TODO: check
 CVE-2026-3011 (The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-39910 (STACKIT IaaS API contains a missing authorization check vulnerability  ...)
 	TODO: check
 CVE-2026-39908 (OpenBullet2 through version 0.3.2 on Windows contains a credential dis ...)
 	TODO: check
 CVE-2026-36789 (Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was disco ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-36786 (Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-34356 (Heap-based Buffer Overflow vulnerability in Apache HTTP Server with ma ...)
 	TODO: check
 CVE-2026-34355 (A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and e ...)
 	TODO: check
 CVE-2026-34194 (Software installed and run as a non-privileged user may conduct improp ...)
-	TODO: check
+	NOT-FOR-US: Imagination Technologies
 CVE-2026-29170 (A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML di ...)
 	TODO: check
 CVE-2026-29167 (Use After Free vulnerability in Apache HTTP Server with mod_ldap in pe ...)
@@ -137,7 +137,7 @@ CVE-2026-25558 (QloApps through 1.7.0 contains a stored cross-site scripting vul
 CVE-2026-25555 (OpenBullet2 through version 0.3.2 contains an authentication bypass vu ...)
 	TODO: check
 CVE-2026-22164 (Software installed and run as a non-privileged user may conduct improp ...)
-	TODO: check
+	NOT-FOR-US: Imagination Technologies
 CVE-2026-11611 (A flaw was found in 389 Directory Server. The Content Synchronization  ...)
 	TODO: check
 CVE-2026-11577 (A flaw was found in Keycloak. A limited administrator can exploit an i ...)
@@ -145,21 +145,21 @@ CVE-2026-11577 (A flaw was found in Keycloak. A limited administrator can exploi
 CVE-2026-11569 (A flaw was found in Quay. The filedrop endpoint accepts any mime type  ...)
 	TODO: check
 CVE-2026-11559 (A vulnerability was detected in CodeAstro Payroll System 1.0. This aff ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11558 (A security vulnerability has been detected in CodeAstro Payroll System ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11557 (A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affe ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11556 (A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Imp ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11555 (A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2026-11554 (A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-11553 (A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon.  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11552 (A vulnerability has been found in SourceCodester Onlne Examination & L ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11534 (A vulnerability was detected in imvks786 student_management_system up  ...)
 	TODO: check
 CVE-2026-11533 (A security vulnerability has been detected in imvks786 student_managem ...)
@@ -173,71 +173,71 @@ CVE-2026-11530 (A vulnerability was identified in imvks786 student_management_sy
 CVE-2026-11529 (A vulnerability was determined in designcomputer mysql-mcp-server up t ...)
 	TODO: check
 CVE-2026-11528 (A vulnerability was found in Tenda AC18 15.03.05.05. The affected elem ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11524 (A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is th ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11523 (A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11522 (A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11521 (A security vulnerability has been detected in Mohammed-eid35 bank-mana ...)
 	TODO: check
 CVE-2026-11520 (A weakness has been identified in SourceCodester Inventory System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11519 (A security flaw has been discovered in SourceCodester Inventory System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11518 (A vulnerability was identified in SourceCodester Inventory System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11517 (A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107.  ...)
 	TODO: check
 CVE-2026-11516 (A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This  ...)
 	TODO: check
 CVE-2026-11515 (A vulnerability has been found in SourceCodester Barangay Resident Pro ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11514 (A flaw has been found in itsourcecode Hospital Management System 1.0.  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-11513 (A vulnerability was detected in itsourcecode Hospital Management Syste ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-11512 (A security vulnerability has been detected in itsourcecode Hospital Ma ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-11511 (A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerabi ...)
 	TODO: check
 CVE-2026-11510 (A security flaw has been discovered in CodeAstro Leave Management Syst ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11509 (A vulnerability was identified in CodeAstro Leave Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11508 (A vulnerability was determined in CodeAstro Leave Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11507 (A vulnerability was found in CodeAstro Leave Management System 1.0. Af ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11506 (A vulnerability has been found in CodeAstro Leave Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2026-11505 (A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT300 ...)
 	TODO: check
 CVE-2026-11504 (A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11503 (A security vulnerability has been detected in Tenda CX12L 16.03.53.12. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11502 (A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is t ...)
 	TODO: check
 CVE-2026-11501 (A security flaw has been discovered in SourceCodester Hospitals Patien ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-11500 (A vulnerability was identified in Weaviate up to 1.37.7. This vulnerab ...)
 	TODO: check
 CVE-2026-11499 (A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_x ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11498 (A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon.  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-11497 (A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2026-11393 (Improper neutralization of triple-quote characters during Python code  ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2026-10787 (Missing authorization in the deleted user groups API in Devolutions Se ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2026-10786 (Improper access control in the ticketing integration settings in Devol ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2026-10544 (Improper neutralization of special elements in the built-in PAM provid ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-56123
 	REJECTED
 CVE-2024-56122



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1053aa381c80505adb6b5bf6b8e8a5fa3f46505b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1053aa381c80505adb6b5bf6b8e8a5fa3f46505b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260608/897f2562/attachment.htm>

More information about the debian-security-tracker-commits mailing list