[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 16 09:01:27 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8c27cc8 by Moritz Muehlenhoff at 2026-03-16T10:01:09+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2026-4255 (A DLL search order hijacking vulnerability in Thermalright TR-VISION H ...)
-	TODO: check
+	NOT-FOR-US: Thermalright TR-VISION
 CVE-2026-4226 (A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affecte ...)
-	TODO: check
+	NOT-FOR-US: LB-LINK BL-WR9000
 CVE-2026-4225 (A security flaw has been discovered in CMS Made Simple up to 2.2.21. I ...)
-	TODO: check
+	NOT-FOR-US: CMS Made SimpleLB-LINK BL-WR9000
 CVE-2026-4223 (A vulnerability was identified in itsourcecode Payroll Management Syst ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-4222 (A vulnerability was determined in SSCMS up to 7.4.0. This vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: SSCMS
 CVE-2026-4221 (A vulnerability was found in Tiandy Easy7 Integrated Management Platfo ...)
-	TODO: check
+	NOT-FOR-US: Tiandy Easy7
 CVE-2026-4220 (A vulnerability has been found in Technologies Integrated Management P ...)
-	TODO: check
+	NOT-FOR-US: Technologies Integrated Management Platform
 CVE-2026-4219 (A flaw has been found in INDEX Conferences & Exhibitions Organization  ...)
-	TODO: check
+	NOT-FOR-US: INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App
 CVE-2026-4218 (A vulnerability was detected in myAEDES App up to 1.18.4 on Android. A ...)
-	TODO: check
+	NOT-FOR-US: myAEDES App
 CVE-2026-4217 (A security vulnerability has been detected in XREAL Nebula App up to 3 ...)
-	TODO: check
+	NOT-FOR-US: XREAL Nebula App
 CVE-2026-4216 (A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on A ...)
-	TODO: check
+	NOT-FOR-US: i-SENS SmartLog App
 CVE-2026-4215 (A security flaw has been discovered in FlowCI flow-core-x up to 1.23.0 ...)
-	TODO: check
+	NOT-FOR-US: FlowCI flow-core-x
 CVE-2026-4214 (A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320,  ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4213 (A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DN ...)
@@ -45,13 +45,13 @@ CVE-2026-4204 (A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-
 CVE-2026-4203 (A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DN ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4201 (A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472 ...)
-	TODO: check
+	NOT-FOR-US: glowxq-oj
 CVE-2026-4200 (A security flaw has been discovered in glowxq glowxq-oj up to 6f7c7230 ...)
-	TODO: check
+	NOT-FOR-US: glowxq-oj
 CVE-2026-4199 (A vulnerability was identified in bazinga012 mcp_code_executor up to 0 ...)
-	TODO: check
+	NOT-FOR-US: bazinga012 mcp_code_executor
 CVE-2026-4198 (A vulnerability was determined in hypermodel-labs mcp-server-auto-comm ...)
-	TODO: check
+	NOT-FOR-US: hypermodel-labs mcp-server-auto-commit
 CVE-2026-4197 (A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-3 ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4196 (A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L,  ...)
@@ -63,19 +63,19 @@ CVE-2026-4194 (A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315
 CVE-2026-4193 (A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05 ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4192 (A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. A ...)
-	TODO: check
+	NOT-FOR-US: hypermodel-labs mcp-server-auto-commonAvinashBole quip-mcp-server
 CVE-2026-4191 (A flaw has been found in JawherKl node-api-postgres up to 2.5. Affecte ...)
 	TODO: check
 CVE-2026-4190 (A vulnerability was detected in JawherKl node-api-postgres up to 2.5.  ...)
 	TODO: check
 CVE-2026-4189 (A weakness has been identified in phpipam up to 1.7.4. The impacted el ...)
-	TODO: check
+	- phpipam <itp> (bug #731713)
 CVE-2026-4188 (A security flaw has been discovered in D-Link DIR-619L 2.06B01. The af ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4187 (A vulnerability was identified in Tiandy Easy7 Integrated Management P ...)
-	TODO: check
+	NOT-FOR-US: Tiandy Easy7
 CVE-2026-4186 (A vulnerability was determined in UEditor up to 1.4.3.2. This issue af ...)
-	TODO: check
+	NOT-FOR-US: UEditor
 CVE-2026-4185 (A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-mas ...)
 	TODO: check
 CVE-2026-4184 (A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by  ...)
@@ -89,7 +89,7 @@ CVE-2026-4181 (A security flaw has been discovered in D-Link DIR-816 1.10CNB05.
 CVE-2026-4180 (A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impact ...)
 	NOT-FOR-US: D-Link
 CVE-2026-4175 (A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The af ...)
-	TODO: check
+	NOT-FOR-US: Aureus ERP
 CVE-2026-4174 (A vulnerability has been found in Radare2 5.9.9. This issue affects th ...)
 	TODO: check
 CVE-2026-4173 (A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This vulnera ...)
@@ -1980,6 +1980,7 @@ CVE-2026-31815 (Unicorn adds modern reactive component functionality to your Dja
 	NOT-FOR-US: Django Unicorn
 CVE-2026-31812 (Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC ...)
 	- rust-quinn-proto 0.11.14-1
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0037.html
 	NOTE: https://github.com/quinn-rs/quinn/security/advisories/GHSA-6xvm-j4wr-6v98
 	NOTE: https://github.com/quinn-rs/quinn/pull/2558
 	NOTE: Fixed by: https://github.com/quinn-rs/quinn/commit/655a8ad094e4fad463c90c4666c62db7de56384b



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8c27cc85f72e19e679c192243bae7df2705eac0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8c27cc85f72e19e679c192243bae7df2705eac0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260316/622ddf05/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list