[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 26 08:13:50 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae6e7e45 by security tracker role at 2026-05-26T07:13:44+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2026-9534 (A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9533 (A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impac ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9532 (A security vulnerability has been detected in Totolink CA750-PoE 6.2c. ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9531 (A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacte ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9530 (A weakness has been identified in GNU LibreDWG up to 0.14. The impacte ...)
 	TODO: check
 CVE-2026-9529 (A security flaw has been discovered in GNU LibreDWG up to 0.14. The af ...)
 	TODO: check
 CVE-2026-9528 (A vulnerability was identified in itsourcecode Electronic Judging Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-9527 (A vulnerability was determined in itsourcecode Electronic Judging Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-9526 (A vulnerability was found in itsourcecode Electronic Judging System 1. ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-9525 (A vulnerability has been found in itsourcecode Electronic Judging Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2026-9524 (A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522_Beta. ...)
 	TODO: check
 CVE-2026-9523 (A vulnerability was detected in Acrel Electrical EEMS Enterprise Power ...)
@@ -33,15 +33,15 @@ CVE-2026-9518 (A vulnerability was identified in hemant6488 CodeIgniter-StudentM
 CVE-2026-9517 (A vulnerability was determined in hemant6488 CodeIgniter-StudentManage ...)
 	TODO: check
 CVE-2026-9515 (A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The affec ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9514 (A security vulnerability has been detected in Totolink CA750-PoE 6.2c. ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9513 (A weakness has been identified in Totolink CA750-PoE 6.2c.510. This is ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9512 (A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. Th ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9511 (A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This af ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-9504 (A weakness has been identified in GNU LibreDWG up to 0.14. Affected is ...)
 	TODO: check
 CVE-2026-9503 (A security flaw has been discovered in GNU LibreDWG up to 0.14. This i ...)
@@ -61,13 +61,13 @@ CVE-2026-9496 (Versions of the package pacote from 11.2.7 are vulnerable to Deni
 CVE-2026-9495 (Versions of the package @koa/router from 14.0.0 and before 15.0.0 are  ...)
 	TODO: check
 CVE-2026-9486 (A security flaw has been discovered in SourceCodester Student Grades M ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-9485 (A vulnerability was identified in SourceCodester Student Grades Manage ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-9484 (A vulnerability was determined in SourceCodester Student Grades Manage ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-4795 (A missing authorization vulnerability in Zyxel GS1200-5v3 firmware ver ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2026-48852 (PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature ver ...)
 	TODO: check
 CVE-2026-48851 (PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indica ...)
@@ -75,61 +75,61 @@ CVE-2026-48851 (PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust
 CVE-2026-48850 (PuTTY 0.72 before 0.84 has a double free in RSA KEX.)
 	TODO: check
 CVE-2026-48837 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45438 (Missing Authorization vulnerability in WebToffee Smart Coupons for Woo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45435 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45217 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45216 (Incorrect Privilege Assignment vulnerability in StoreApps Smart Manage ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45209 (Missing Authorization vulnerability in edward_plainview MyCryptoChecko ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42776 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42774 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42773 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42763 (Missing Authorization vulnerability in SePay team SePay Gateway allows ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-3314 (Missing password field masking vulnerability in Hitachi Ops Center Ana ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2026-39436 (Cross-Site Request Forgery (CSRF) vulnerability in bgermann CformsII a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-32389 (Missing Authorization vulnerability in Linethemes NanoCare allows Expl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-27398 (Missing Authorization vulnerability in WP Chill RSVP and Event Managem ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-27357 (Missing Authorization vulnerability in Cornel Raiu WP Search Analytics ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-27346 (Missing Authorization vulnerability in Kings Plugins B2BKing allows Ex ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24937 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24597 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organizati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24592 (Missing Authorization vulnerability in Lucian Apostol Auto Affiliate L ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24586 (Missing Authorization vulnerability in Themeansar Newses allows Exploi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24582 (Missing Authorization vulnerability in WPPOOL FlexTable allows Exploit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24574 (Cross-Site Request Forgery (CSRF) vulnerability in Recorp Export WP Pa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24554 (Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubsc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24546 (Missing Authorization vulnerability in Ruben Garcia GamiPress allows E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24545 (Missing Authorization vulnerability in Nikki Blight QR Redirector allo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24527 (Missing Authorization vulnerability in Patterns in the cloud Autoship  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-71310 (The GDPR cookies module for Backdrop CMS (before   1.x-1.3.5) doesn't  ...)
 	TODO: check
 CVE-2025-62745 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-48715 [Stack Buffer Overflow in radvdump Route Information Option Parser]
 	- radvd <unfixed>
 	NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae6e7e45ab5f01a815d984173780bb7df84089b9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae6e7e45ab5f01a815d984173780bb7df84089b9
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260526/d442f549/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list