[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 8 20:35:58 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a4a9f7f8 by Salvatore Bonaccorso at 2026-06-08T21:35:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-9549 (Stored cross-site scripting in the service discovery active check outp ...)
 	- check-mk <removed>
 CVE-2026-9506 (This vulnerability exists in Bagisto due to improper validation of use ...)
-	TODO: check
+	NOT-FOR-US: Bagisto
 CVE-2026-8913 (A command Injection vulnerability exists in the WireGuard client confi ...)
 	NOT-FOR-US: TPLink
 CVE-2026-8833 (Improper neutralization of HTML-encoded characters in the URL validati ...)
@@ -13,15 +13,15 @@ CVE-2026-7765 (Incorrect authorization in the User Messages dashboard widget in
 CVE-2026-7186 (Stored cross-site scripting in the URL dashboard widget in Checkmk <2. ...)
 	TODO: check
 CVE-2026-52778 (YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an un ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2026-50752 (A weakness in the certificate validation logic of the deprecated IKEv1 ...)
-	TODO: check
+	NOT-FOR-US: Checkpoint
 CVE-2026-50751 (A logic flow weakness in Remote Access and Mobile Access certificate v ...)
-	TODO: check
+	NOT-FOR-US: Checkpoint
 CVE-2026-49756 (Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: wojtekmach Req
 CVE-2026-49755 (Improper Handling of Highly Compressed Data (Data Amplification) vulne ...)
-	TODO: check
+	NOT-FOR-US: wojtekmach Req
 CVE-2026-49235 (When Routinator encounters a file via RRDP using a specifically crafte ...)
 	TODO: check
 CVE-2026-49234 (When sending a specifically crafted non-UTF-8 string as select-asn que ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4a9f7f8871a8013a8ccabc3c02e78e38c35b69e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4a9f7f8871a8013a8ccabc3c02e78e38c35b69e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260608/aa5a58ef/attachment.htm>

More information about the debian-security-tracker-commits mailing list