[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 9 07:53:17 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f8f63af5 by Moritz Muehlenhoff at 2026-06-09T08:53:10+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -94,11 +94,11 @@ CVE-2026-44119 (Improper Privilege Management vulnerability in Apache HTTP Serve
 	- apache2 <unfixed> (bug #1139340)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-44119
 CVE-2026-43974 (Unexpected Status Code or Return Value vulnerability in ninenines gun  ...)
-	TODO: check
+	NOT-FOR-US: gun
 CVE-2026-43973 (Uncontrolled Resource Consumption vulnerability in ninenines gun (gun_ ...)
-	TODO: check
+	NOT-FOR-US: gun
 CVE-2026-43972 (Origin Validation Error vulnerability in ninenines gun (gun_http2 modu ...)
-	TODO: check
+	NOT-FOR-US: gun
 CVE-2026-43966 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Reque ...)
 	TODO: check
 CVE-2026-43951 (Out-of-bounds Read vulnerability in Apache HTTP Server with mod_header ...)
@@ -149,23 +149,23 @@ CVE-2026-29167 (Use After Free vulnerability in Apache HTTP Server with mod_ldap
 	- apache2 <unfixed> (bug #1139340)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29167
 CVE-2026-25856 (OpenBullet2 through version 0.3.2 contains an authenticated remote cod ...)
-	TODO: check
+	NOT-FOR-US: OpenBullet2
 CVE-2026-25855 (OpenBullet2 through version 0.3.2 contains a remote code execution vul ...)
-	TODO: check
+	NOT-FOR-US: OpenBullet2
 CVE-2026-25559 (OpenBullet2 through version 0.3.2 contains a path traversal vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: OpenBullet2
 CVE-2026-25558 (QloApps through 1.7.0 contains a stored cross-site scripting vulnerabi ...)
 	TODO: check
 CVE-2026-25555 (OpenBullet2 through version 0.3.2 contains an authentication bypass vu ...)
-	TODO: check
+	NOT-FOR-US: OpenBullet2
 CVE-2026-22164 (Software installed and run as a non-privileged user may conduct improp ...)
 	NOT-FOR-US: Imagination Technologies
 CVE-2026-11611 (A flaw was found in 389 Directory Server. The Content Synchronization  ...)
 	TODO: check
 CVE-2026-11577 (A flaw was found in Keycloak. A limited administrator can exploit an i ...)
-	TODO: check
+	- keycloak <itp> (bug #1088287)
 CVE-2026-11569 (A flaw was found in Quay. The filedrop endpoint accepts any mime type  ...)
-	TODO: check
+	NOT-FOR-US: Quay
 CVE-2026-11559 (A vulnerability was detected in CodeAstro Payroll System 1.0. This aff ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-11558 (A security vulnerability has been detected in CodeAstro Payroll System ...)
@@ -183,17 +183,17 @@ CVE-2026-11553 (A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_
 CVE-2026-11552 (A vulnerability has been found in SourceCodester Onlne Examination & L ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-11534 (A vulnerability was detected in imvks786 student_management_system up  ...)
-	TODO: check
+	NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11533 (A security vulnerability has been detected in imvks786 student_managem ...)
-	TODO: check
+	NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11532 (A weakness has been identified in imvks786 student_management_system u ...)
-	TODO: check
+	NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11531 (A security flaw has been discovered in imvks786 student_management_sys ...)
-	TODO: check
+	NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11530 (A vulnerability was identified in imvks786 student_management_system u ...)
-	TODO: check
+	NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11529 (A vulnerability was determined in designcomputer mysql-mcp-server up t ...)
-	TODO: check
+	NOT-FOR-US: mysql-mcp-server
 CVE-2026-11528 (A vulnerability was found in Tenda AC18 15.03.05.05. The affected elem ...)
 	NOT-FOR-US: Tenda
 CVE-2026-11524 (A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is th ...)
@@ -203,7 +203,7 @@ CVE-2026-11523 (A flaw has been found in Tenda W20E 15.11.0.6. This issue affect
 CVE-2026-11522 (A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerabili ...)
 	NOT-FOR-US: Tenda
 CVE-2026-11521 (A security vulnerability has been detected in Mohammed-eid35 bank-mana ...)
-	TODO: check
+	NOT-FOR-US: bank-management-system-springboot
 CVE-2026-11520 (A weakness has been identified in SourceCodester Inventory System 1.0. ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-11519 (A security flaw has been discovered in SourceCodester Inventory System ...)
@@ -211,9 +211,9 @@ CVE-2026-11519 (A security flaw has been discovered in SourceCodester Inventory
 CVE-2026-11518 (A vulnerability was identified in SourceCodester Inventory System 1.0. ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-11517 (A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107.  ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-11516 (A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This  ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-11515 (A vulnerability has been found in SourceCodester Barangay Resident Pro ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-11514 (A flaw has been found in itsourcecode Hospital Management System 1.0.  ...)
@@ -223,7 +223,7 @@ CVE-2026-11513 (A vulnerability was detected in itsourcecode Hospital Management
 CVE-2026-11512 (A security vulnerability has been detected in itsourcecode Hospital Ma ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-11511 (A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Bolt CMS
 CVE-2026-11510 (A security flaw has been discovered in CodeAstro Leave Management Syst ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-11509 (A vulnerability was identified in CodeAstro Leave Management System 1. ...)
@@ -235,13 +235,13 @@ CVE-2026-11507 (A vulnerability was found in CodeAstro Leave Management System 1
 CVE-2026-11506 (A vulnerability has been found in CodeAstro Leave Management System 1. ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-11505 (A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT300 ...)
-	TODO: check
+	NOT-FOR-US: GL.iNet
 CVE-2026-11504 (A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted  ...)
 	NOT-FOR-US: Tenda
 CVE-2026-11503 (A security vulnerability has been detected in Tenda CX12L 16.03.53.12. ...)
 	NOT-FOR-US: Tenda
 CVE-2026-11502 (A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is t ...)
-	TODO: check
+	NOT-FOR-US: JeecgBoot
 CVE-2026-11501 (A security flaw has been discovered in SourceCodester Hospitals Patien ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-11500 (A vulnerability was identified in Weaviate up to 1.37.7. This vulnerab ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f63af54ab19f234451d938108f58be2aa79c15

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f63af54ab19f234451d938108f58be2aa79c15
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260609/cfa8678e/attachment.htm>

More information about the debian-security-tracker-commits mailing list