[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon May 18 20:14:22 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbaa77e5 by security tracker role at 2026-05-18T19:14:12+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49,11 +49,11 @@ CVE-2026-4273 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to
 CVE-2026-45829 (A pre-authentication, code injection vulnerability in version 1.0.0 or ...)
 	TODO: check
 CVE-2026-45495 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2026-45494 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2026-45492 (Improper input validation in Microsoft Edge (Chromium-based) allows an ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2026-45243 (Summarize prior to 0.15.1 contains a missing authorization vulnerabili ...)
 	TODO: check
 CVE-2026-45242 (Summarize prior to 0.15.1 contains a path traversal vulnerability in t ...)
@@ -63,7 +63,7 @@ CVE-2026-45231 (DumbAssets through 1.0.11 contains a stored cross-site scripting
 CVE-2026-45230 (DumbAssets through 1.0.11 contains a path traversal vulnerability in t ...)
 	TODO: check
 CVE-2026-42822 (Improper authentication in Azure Local Disconnected Operations allows  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2026-41949 (Dify version 1.14.1 and prior contain an authorization bypass vulnerab ...)
 	TODO: check
 CVE-2026-41948 (Dify version 1.14.1 and prior contain a path traversal vulnerability t ...)
@@ -71,7 +71,7 @@ CVE-2026-41948 (Dify version 1.14.1 and prior contain a path traversal vulnerabi
 CVE-2026-41947 (Dify version 1.14.1 and prior contains an authorization bypass vulnera ...)
 	TODO: check
 CVE-2026-41119 (Dell Live Optics Windows and Personal Edition collectors contain an im ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2026-41085 (Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privile ...)
 	TODO: check
 CVE-2026-3637 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
@@ -87,7 +87,7 @@ CVE-2026-39079 (An issue in prestashop upsshipping all versions through at least
 CVE-2026-38719 (OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability  ...)
 	TODO: check
 CVE-2026-36438 (An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows  ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2026-32849 (NetBSD prior to commit ec8451e contains a signed integer overflow vuln ...)
 	TODO: check
 CVE-2026-32848 (NetBSD prior to commit ec8451e contains a race condition vulnerability ...)
@@ -109,9 +109,9 @@ CVE-2026-28732 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.
 CVE-2026-26462 (Offline Hospital Management System 5.3.0 allows remote code execution  ...)
 	TODO: check
 CVE-2026-20685 (An attacker in a privileged network position may be able to leak sensi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2026-0983 (Denial-of-service condition in M-Files Server versions before 26.5.160 ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2025-57282 (ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.)
 	TODO: check
 CVE-2025-56352 (In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-1 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbaa77e5df85379b4b145153618092a659112b99

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbaa77e5df85379b4b145153618092a659112b99
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260518/5b2d0f2f/attachment.htm>

More information about the debian-security-tracker-commits mailing list