[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Mon, 08 Jun 2026 23:53:27 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f8f63af5 by Moritz Muehlenhoff at 2026-06-09T08:53:10+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -94,11 +94,11 @@ CVE-2026-44119 (Improper Privilege Management vulnerability 
in Apache HTTP Serve
        - apache2 <unfixed> (bug #1139340)
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-44119
 CVE-2026-43974 (Unexpected Status Code or Return Value vulnerability in 
ninenines gun  ...)
-       TODO: check
+       NOT-FOR-US: gun
 CVE-2026-43973 (Uncontrolled Resource Consumption vulnerability in ninenines 
gun (gun_ ...)
-       TODO: check
+       NOT-FOR-US: gun
 CVE-2026-43972 (Origin Validation Error vulnerability in ninenines gun 
(gun_http2 modu ...)
-       TODO: check
+       NOT-FOR-US: gun
 CVE-2026-43966 (Improper Neutralization of CRLF Sequences in HTTP Headers 
('HTTP Reque ...)
        TODO: check
 CVE-2026-43951 (Out-of-bounds Read vulnerability in Apache HTTP Server with 
mod_header ...)
@@ -149,23 +149,23 @@ CVE-2026-29167 (Use After Free vulnerability in Apache 
HTTP Server with mod_ldap
        - apache2 <unfixed> (bug #1139340)
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29167
 CVE-2026-25856 (OpenBullet2 through version 0.3.2 contains an authenticated 
remote cod ...)
-       TODO: check
+       NOT-FOR-US: OpenBullet2
 CVE-2026-25855 (OpenBullet2 through version 0.3.2 contains a remote code 
execution vul ...)
-       TODO: check
+       NOT-FOR-US: OpenBullet2
 CVE-2026-25559 (OpenBullet2 through version 0.3.2 contains a path traversal 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: OpenBullet2
 CVE-2026-25558 (QloApps through 1.7.0 contains a stored cross-site scripting 
vulnerabi ...)
        TODO: check
 CVE-2026-25555 (OpenBullet2 through version 0.3.2 contains an authentication 
bypass vu ...)
-       TODO: check
+       NOT-FOR-US: OpenBullet2
 CVE-2026-22164 (Software installed and run as a non-privileged user may 
conduct improp ...)
        NOT-FOR-US: Imagination Technologies
 CVE-2026-11611 (A flaw was found in 389 Directory Server. The Content 
Synchronization  ...)
        TODO: check
 CVE-2026-11577 (A flaw was found in Keycloak. A limited administrator can 
exploit an i ...)
-       TODO: check
+       - keycloak <itp> (bug #1088287)
 CVE-2026-11569 (A flaw was found in Quay. The filedrop endpoint accepts any 
mime type  ...)
-       TODO: check
+       NOT-FOR-US: Quay
 CVE-2026-11559 (A vulnerability was detected in CodeAstro Payroll System 1.0. 
This aff ...)
        NOT-FOR-US: CodeAstro
 CVE-2026-11558 (A security vulnerability has been detected in CodeAstro 
Payroll System ...)
@@ -183,17 +183,17 @@ CVE-2026-11553 (A vulnerability was found in Tenda HG7HG9 
and HG10 300001138_en_
 CVE-2026-11552 (A vulnerability has been found in SourceCodester Onlne 
Examination & L ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-11534 (A vulnerability was detected in imvks786 
student_management_system up  ...)
-       TODO: check
+       NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11533 (A security vulnerability has been detected in imvks786 
student_managem ...)
-       TODO: check
+       NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11532 (A weakness has been identified in imvks786 
student_management_system u ...)
-       TODO: check
+       NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11531 (A security flaw has been discovered in imvks786 
student_management_sys ...)
-       TODO: check
+       NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11530 (A vulnerability was identified in imvks786 
student_management_system u ...)
-       TODO: check
+       NOT-FOR-US: imvks786 student_management_system
 CVE-2026-11529 (A vulnerability was determined in designcomputer 
mysql-mcp-server up t ...)
-       TODO: check
+       NOT-FOR-US: mysql-mcp-server
 CVE-2026-11528 (A vulnerability was found in Tenda AC18 15.03.05.05. The 
affected elem ...)
        NOT-FOR-US: Tenda
 CVE-2026-11524 (A vulnerability has been found in Tenda W20E 15.11.0.6. 
Impacted is th ...)
@@ -203,7 +203,7 @@ CVE-2026-11523 (A flaw has been found in Tenda W20E 
15.11.0.6. This issue affect
 CVE-2026-11522 (A vulnerability was detected in Tenda W20E 15.11.0.6. This 
vulnerabili ...)
        NOT-FOR-US: Tenda
 CVE-2026-11521 (A security vulnerability has been detected in Mohammed-eid35 
bank-mana ...)
-       TODO: check
+       NOT-FOR-US: bank-management-system-springboot
 CVE-2026-11520 (A weakness has been identified in SourceCodester Inventory 
System 1.0. ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-11519 (A security flaw has been discovered in SourceCodester 
Inventory System ...)
@@ -211,9 +211,9 @@ CVE-2026-11519 (A security flaw has been discovered in 
SourceCodester Inventory
 CVE-2026-11518 (A vulnerability was identified in SourceCodester Inventory 
System 1.0. ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-11517 (A vulnerability was determined in UTT HiPER 2610G up to 
3.0.0-171107.  ...)
-       TODO: check
+       NOT-FOR-US: UTT
 CVE-2026-11516 (A vulnerability was found in UTT HiPER 2610G up to 
3.0.0-171107. This  ...)
-       TODO: check
+       NOT-FOR-US: UTT
 CVE-2026-11515 (A vulnerability has been found in SourceCodester Barangay 
Resident Pro ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-11514 (A flaw has been found in itsourcecode Hospital Management 
System 1.0.  ...)
@@ -223,7 +223,7 @@ CVE-2026-11513 (A vulnerability was detected in 
itsourcecode Hospital Management
 CVE-2026-11512 (A security vulnerability has been detected in itsourcecode 
Hospital Ma ...)
        NOT-FOR-US: itsourcecode System
 CVE-2026-11511 (A weakness has been identified in Bolt CMS up to 3.7.5. This 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Bolt CMS
 CVE-2026-11510 (A security flaw has been discovered in CodeAstro Leave 
Management Syst ...)
        NOT-FOR-US: CodeAstro
 CVE-2026-11509 (A vulnerability was identified in CodeAstro Leave Management 
System 1. ...)
@@ -235,13 +235,13 @@ CVE-2026-11507 (A vulnerability was found in CodeAstro 
Leave Management System 1
 CVE-2026-11506 (A vulnerability has been found in CodeAstro Leave Management 
System 1. ...)
        NOT-FOR-US: CodeAstro
 CVE-2026-11505 (A flaw has been found in GL.iNet A1300, AX1800, AXT1800, 
MT2500, MT300 ...)
-       TODO: check
+       NOT-FOR-US: GL.iNet
 CVE-2026-11504 (A vulnerability was detected in Tenda CX12L 16.03.53.12. The 
impacted  ...)
        NOT-FOR-US: Tenda
 CVE-2026-11503 (A security vulnerability has been detected in Tenda CX12L 
16.03.53.12. ...)
        NOT-FOR-US: Tenda
 CVE-2026-11502 (A weakness has been identified in JeecgBoot up to 3.9.2. 
Impacted is t ...)
-       TODO: check
+       NOT-FOR-US: JeecgBoot
 CVE-2026-11501 (A security flaw has been discovered in SourceCodester 
Hospitals Patien ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-11500 (A vulnerability was identified in Weaviate up to 1.37.7. This 
vulnerab ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f63af54ab19f234451d938108f58be2aa79c15

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f63af54ab19f234451d938108f58be2aa79c15
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to