[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 31 08:15:00 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
890e3b3f by security tracker role at 2026-03-31T07:14:50+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2026-5185 (A security flaw has been discovered in Nothings stb_image up to 2.30.  ...)
 	TODO: check
 CVE-2026-5184 (A vulnerability was identified in TRENDnet TEW-713RE up to 1.02. The i ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2026-5183 (A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The a ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2026-5182 (A vulnerability was found in SourceCodester Teacher Record System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-5181 (A vulnerability has been found in SourceCodester Simple Doctors Appoin ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-5180 (A flaw has been found in SourceCodester Simple Doctors Appointment Sys ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-5179 (A vulnerability was detected in SourceCodester Simple Doctors Appointm ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-5178 (A security vulnerability has been detected in Totolink A3300R 17.0.0cu ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-5177 (A weakness has been identified in Totolink A3300R 17.0.0cu.557_b202210 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-5176 (A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b2 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-5157 (A vulnerability was identified in code-projects Online Food Ordering S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-5156 (A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-5155 (A vulnerability was found in Tenda CH22 1.0.0.1. This affects the func ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-5154 (A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacte ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-5153 (A flaw has been found in Tenda CH22 1.0.0.1. The affected element is t ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-5152 (A vulnerability was detected in Tenda CH22 1.0.0.1. Impacted is the fu ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-5150 (A security vulnerability has been detected in code-projects Accounting ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-5148 (A weakness has been identified in YunaiV yudao-cloud up to 2026.01. Th ...)
 	TODO: check
 CVE-2026-5130 (The Debugger & Troubleshooter plugin for WordPress was vulnerable to U ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-5115 (The PaperCut NG/MF (specifically, the embedded application for Konica  ...)
 	TODO: check
 CVE-2026-4794 (Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF  ...)
@@ -43,15 +43,15 @@ CVE-2026-4794 (Multiple cross-site scripting (XSS) vulnerabilities in PaperCut N
 CVE-2026-4789 (Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unre ...)
 	TODO: check
 CVE-2026-4257 (The Contact Form by Supsystic plugin for WordPress is vulnerable to Se ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4146 (The Loco Translate plugin for WordPress is vulnerable to Reflected Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4020 (The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Infor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-3881 (The Performance Monitor WordPress plugin through 1.0.6 does not valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-3300 (The Everest Forms Pro plugin for WordPress is vulnerable to Remote Cod ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-34881 (OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Se ...)
 	TODO: check
 CVE-2026-34558 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
@@ -143,13 +143,13 @@ CVE-2026-25627 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Plat
 CVE-2026-21861 (baserCMS is a website development framework. Prior to version 5.2.3, b ...)
 	TODO: check
 CVE-2026-1877 (The Auto Post Scheduler plugin for WordPress is vulnerable to Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1834 (The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1797 (The Appointment Booking and Scheduler Plugin \u2013 Truebooker plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1710 (The WooPayments: Integrated WooCommerce Payments plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-32957 (baserCMS is a website development framework. Prior to version 5.2.3, t ...)
 	TODO: check
 CVE-2026-5170 (A user with access to the cluster with a limited set of privilege acti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/890e3b3fb94e5c394a3990b9d81bf0ba9264ea0c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/890e3b3fb94e5c394a3990b9d81bf0ba9264ea0c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260331/77b14f86/attachment.htm>

More information about the debian-security-tracker-commits mailing list