[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Sun Mar 15 08:14:16 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbcde986 by security tracker role at 2026-03-15T08:14:10+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2026-4179 (Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c)  ...)
-	TODO: check
+	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-4170 (A weakness has been identified in Topsec TopACM 3.0. Affected by this  ...)
 	TODO: check
 CVE-2026-4169 (A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Af ...)
@@ -7,29 +7,29 @@ CVE-2026-4169 (A security flaw has been discovered in Tecnick TCExam up to 16.6.
 CVE-2026-4168 (A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts  ...)
 	TODO: check
 CVE-2026-4167 (A vulnerability was determined in Belkin F9K1122 1.00.33. This affects ...)
-	TODO: check
+	NOT-FOR-US: Belkin
 CVE-2026-4166 (A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted e ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2026-4165 (A vulnerability has been found in Worksuite HR, CRM and Project Manage ...)
 	TODO: check
 CVE-2026-4164 (A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the fu ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2026-4163 (A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2026-32774 (Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability i ...)
 	TODO: check
 CVE-2026-2233 (The User Frontend: AI Powered Frontend Posting, User Directory, Profil ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1947 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1883 (The Wicked Folders \u2013 Folder Organizer for Pages, Posts, and Custo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1870 (The Thim Kit for Elementor \u2013 Pre-built Templates & Widgets for El ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-0849 (Malformed ATAES132A responses with an oversized length field overflow  ...)
-	TODO: check
+	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2025-54920 (This issue affects Apache Spark: before 3.5.7 and 4.0.1. Users are rec ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-3839 (Unraid Authentication Request Path Traversal Authentication Bypass Vul ...)
 	NOT-FOR-US: Unraid
 CVE-2026-3838 (Unraid Update Request Path Traversal Remote Code Execution Vulnerabili ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbcde986ad3a18d6b227880b966c8d044d453f34

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbcde986ad3a18d6b227880b966c8d044d453f34
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260315/023cfaeb/attachment-0001.htm>
