[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Mon, 30 Mar 2026 14:48:21 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b30eaa31 by security tracker role at 2026-03-30T19:15:07+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2026-5147 (A security flaw has been discovered in YunaiV 
yudao-cloud up to 2
 CVE-2026-5128 (A sensitive information exposure vulnerability exists in 
ArthurFiorett ...)
        TODO: check
 CVE-2026-5126 (A flaw has been found in SourceCodester RSS Feed Parser 1.0. 
Affected  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-5125 (A vulnerability was detected in raine consult-llm-mcp up to 
2.5.3. Aff ...)
        TODO: check
 CVE-2026-5124 (A security vulnerability has been detected in osrg GoBGP up to 
4.3.0.  ...)
@@ -27,13 +27,13 @@ CVE-2026-4416 (The Performance Library component of 
Gigabyte Control Center has
 CVE-2026-4415 (Gigabyte Control Center developed by GIGABYTE has an Arbitrary 
File Wr ...)
        TODO: check
 CVE-2026-4315 (A Cross-Site Request Forgery (CSRF) vulnerability in the 
WatchGuard Fi ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2026-4266 (An Insecure Deserialization vulnerability in WatchGuard 
Fireware OS al ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2026-4046 (The iconv() function in the GNU C Library versions 2.43 and 
earlier ma ...)
        TODO: check
 CVE-2026-3991 (Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 
MP1, 16. ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2026-3945 (An integer overflow vulnerability in the HTTP chunked transfer 
encodin ...)
        TODO: check
 CVE-2026-3502 (TrueConf Client downloads application update code and applies 
it witho ...)
@@ -47,7 +47,7 @@ CVE-2026-34472 (Unauthenticated credential disclosure in the 
wizard interface in
 CVE-2026-33643 (SQL Injection vulnerability in SchemaHero 0.23.0 via the 
column parame ...)
        TODO: check
 CVE-2026-33373 (An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 
10.1. A ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2026-33032 (Nginx UI is a web user interface for the Nginx web server. In 
versions ...)
        TODO: check
 CVE-2026-33030 (Nginx UI is a web user interface for the Nginx web server. In 
versions ...)
@@ -59,27 +59,27 @@ CVE-2026-33028 (Nginx UI is a web user interface for the 
Nginx web server. Prior
 CVE-2026-33027 (Nginx UI is a web user interface for the Nginx web server. 
Prior to ve ...)
        TODO: check
 CVE-2026-30566 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30565 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30564 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30563 (A Stored Cross-Site Scripting (XSS) vulnerability exists in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30562 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30561 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30560 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30559 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30558 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30557 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30556 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
SourceC ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30082 (Multiple stored cross-site scripting (XSS) vulnerabilities in 
the Edit ...)
        TODO: check
 CVE-2026-30077 (OpenAirInterface V2.2.0 AMF crashes when it fails to decode 
the messag ...)
@@ -133,7 +133,7 @@ CVE-2025-49010 (OpenSC is an open source smart card tools 
and middleware. Prior
 CVE-2025-3716 (User enumeration in ESET Protect (on-prem) viaResponse Timing.)
        TODO: check
 CVE-2025-15379 (A command injection vulnerability exists in MLflow's model 
serving con ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2019-25655 (Device Monitoring Studio 8.10.00.8925 contains a denial of 
service vul ...)
        TODO: check
 CVE-2019-25654 (Core FTP/SFTP Server 1.2 contains a buffer overflow 
vulnerability that ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b30eaa31157d1daf5127ca9ca1997795468cd653

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b30eaa31157d1daf5127ca9ca1997795468cd653
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to