Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e9748021 by security tracker role at 2026-07-15T07:14:20+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2026-9770 (Kasa EC71 v4 and EC70 v4 firmware contains a static 
cryptographic priv ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-9653 (A denial-of-service security issue exists across all the 
1756-EN2, EN3 ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9636 (A security issue exists within CompactLogix\xae 5380, 
ControlLogix\xae ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9561 (Eclipse Kura versions prior to 5.6.2 trust the client-supplied 
X-Forwa ...)
        TODO: check
 CVE-2026-9341 (The Academy LMS \u2013 WordPress LMS Plugin for Complete 
eLearning Sol ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-9292 (A Stored Cross-Site Scripting security issue exists within 
FactoryTalk ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9140 (A denial-of-service security issue exists in the1719-AENTR. The 
securi ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9128 (A code execution security issue exists withinStudio 5000 Logix 
Designe ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9127 (A remote code execution security issue exists withinStudio 5000 
Logix  ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-9108 (A path traversal security issue exists withinStudio 5000 Logix 
Designe ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-8920 (Improper Restriction of Communication Channel to Intended 
Endpoints an ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-8919 (Permissive Cross-domain Security Policy with Untrusted Domains 
in ASUS ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-8590 (Vulnerability in Spotfire Spotfire Enterprise (Spotfire Server 
modules ...)
        TODO: check
 CVE-2026-8384 (In Eclipse Jetty, an HTTP URI of this form:      
/public;/../admin/sec ...)
        TODO: check
 CVE-2026-8314 (A security issue exists within Arena\xae Simulation due to a 
memory co ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-8313 (A security issue exists within Arena\xae Simulation due to a 
memory co ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-8312 (A security issue exists within Arena\xae Simulation due to a 
memory co ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-8085 (A security issue exists within Arena\xae Simulation due to a 
memory co ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-7494 (Nexus Repository 3 is vulnerable to Server-Side Request Forgery 
(SSRF) ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2026-6851 (An Improper link resolution before file access ('link 
following') vuln ...)
-       TODO: check
+       NOT-FOR-US: Bitdefender
 CVE-2026-6790 (In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there 
is no  ...)
        TODO: check
 CVE-2026-62659 (A security flaw was discovered in the NETGEAR WAX333 Access 
Point that ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-62658 (A security flaw was discovered in certain NETGEAR Nighthawk 
RAX series ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-62657 (A security flaw in the router's certificate validation process 
was dis ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-62656 (A security flaw was found in certain NETGEAR RAX models that 
could all ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-62655 (A security flaw was found in certain NETGEAR Orbi models that 
could al ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-62422 (In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 
2025.2.14804 ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2026-61520 (Simple Machines Forum 2.1 prior to commit 4bf35cf and 3.0 
prior to com ...)
        TODO: check
 CVE-2026-60119 (Hi.Events before 1.11.0 contains a cross-site scripting 
vulnerability  ...)
@@ -65,7 +65,7 @@ CVE-2026-5270 (An authentication bypass vulnerability exists 
in certain releases
 CVE-2026-5269 (In Ciena's Navigator Network Control Suite (NCS) and Manage 
Control Pl ...)
        TODO: check
 CVE-2026-5040 (TP-Link Deco M5 v1 uses a weak password hashing mechanism to 
store use ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-59891 (sigstore-js provides JavaScript libraries for interacting with 
Sigstor ...)
        TODO: check
 CVE-2026-59889 (jackson-databind contains the general-purpose data-binding 
functionali ...)
@@ -79,17 +79,17 @@ CVE-2026-59885 (pyasn1 is a generic ASN.1 library for 
Python. Prior to 0.6.4, th
 CVE-2026-59884 (pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, 
the BER  ...)
        TODO: check
 CVE-2026-59841 (A improper restriction of communication channel to intended 
endpoints  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59840 (A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 
through 7.6 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59839 (A improper limitation of a pathname to a restricted directory 
('path t ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59837 (A stack-based buffer overflow vulnerability in Fortinet 
FortiOS 7.4.0  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59836 (A improper certificate validation vulnerability in Fortinet 
FortiClien ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59835 (A exposure of resource to wrong sphere vulnerability in 
Fortinet Forti ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-59733 (Rclone is a command-line program to sync files and directories 
to and  ...)
        TODO: check
 CVE-2026-59732 (Rclone is a command-line program to sync files and directories 
to and  ...)
@@ -117,103 +117,103 @@ CVE-2026-59084 (Insufficient Technical Documentation 
vulnerability in Apache Tom
 CVE-2026-59083 (Improper Handling of URL Encoding (Hex Encoding) vulnerability 
in Apac ...)
        TODO: check
 CVE-2026-58647 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58644 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58640 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58638 (Missing cryptographic step in Windows Boot Loader allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58637 (Use after free in Windows Client-Side Caching (CSC) Service 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58636 (Improper link resolution before file access ('link following') 
in Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58635 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58634 (Use after free in Desktop Window Manager allows an authorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58633 (Use after free in Desktop Window Manager allows an authorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58632 (Use after free in Windows Win32K allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58631 (Improper authorization in Windows Admin Center allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58629 (Use after free in Windows DirectX allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58628 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58627 (Uncontrolled resource consumption in Windows DHCP Server 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58626 (Use after free in Windows Remote Desktop Services allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58619 (Use after free in Windows Sensor Data Service allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58618 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58617 (Improper access control in Microsoft 365 Copilot for iOS 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58614 (Out-of-bounds read in Windows Kernel allows an authorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58613 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58610 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58609 (Out-of-bounds read in Microsoft Graphics Component allows an 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58608 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58602 (Use after free in Windows Kernel Mode Driver allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58601 (Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport 
Driver  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58595 (Improper restriction of rendered ui layers or frames in 
Microsoft Bing ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58594 (Integer overflow or wraparound in Windows RDP allows an 
unauthorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58547 (Heap-based buffer overflow in Universal Plug and Play 
(upnp.dll) allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58546 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58545 (Improper access control in Windows Kernel allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58544 (Use after free in Windows Management Services allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58543 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58542 (Heap-based buffer overflow in Windows Media allows an 
unauthorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58541 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58540 (Improper authorization in Windows Installer allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58539 (Out-of-bounds read in Windows RDP allows an unauthorized 
attacker to d ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58538 (Heap-based buffer overflow in Windows Bluetooth Service allows 
an auth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58537 (Use after free in Microsoft NAT Helper Components 
(ipnathlp.dll) allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58536 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58535 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58534 (Heap-based buffer overflow in Microsoft Input Method Editor 
(IME) allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58533 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58532 (Integer overflow or wraparound in Windows Kernel allows an 
authorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58531 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58530 (Heap-based buffer overflow in Windows Resilient File System 
(ReFS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58529 (Out-of-bounds read in Active Directory Federation Services (AD 
FS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58528 (Out-of-bounds read in Windows USB Audio Class driver 
(usbaudio.sys) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58527 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58526 (Use after free in Windows Storage allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58479 (Sustainable Irrigation Platform (SIP) through version 5.2.16 
contains  ...)
        TODO: check
 CVE-2026-58478 (Sustainable Irrigation Platform (SIP) through version 5.2.16 
contains  ...)
@@ -227,395 +227,395 @@ CVE-2026-58475 (Sustainable Irrigation Platform (SIP) 
through version 5.2.16 con
 CVE-2026-58461
        REJECTED
 CVE-2026-58279 (Missing authorization in Azure CycleCloud allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58277 (Improper authorization in Microsoft Office SharePoint allows 
an author ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58229 (Allocation of resources without limits vulnerability in 
elixir-mint mi ...)
        TODO: check
 CVE-2026-57982 (Use of uninitialized resource in Windows RDP allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57979 (Out-of-bounds read in Windows RDP allows an unauthorized 
attacker to d ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57976 (Null pointer dereference in Active Directory Domain Services 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57973 (Time-of-check time-of-use (toctou) race condition in Windows 
Subsystem ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57969 (Missing authentication for critical function in Azure 
CycleCloud allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57968 (Buffer over-read in Windows Subsystem for Linux allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57898 (In Eclipse BaSyx Java Server SDK versions 2.0.0-milestone-05 
to 2.0.0- ...)
        TODO: check
 CVE-2026-57108 (Access of resource using incompatible type ('type confusion') 
in .NET  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57107 (Improper authentication in Windows Admin Center allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57102 (Inclusion of functionality from untrusted control sphere in 
Visual Stu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57101 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57097 (Untrusted search path in Microsoft XML allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57096 (Heap-based buffer overflow in Windows Routing and Remote 
Access Servic ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57095 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57094 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57093 (Use after free in Windows Ancillary Function Driver for 
WinSock allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57092 (Use after free in Windows VMSwitch allows an authorized 
attacker to el ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57091 (Stack-based buffer overflow in Windows File History Service 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57090 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57089 (Use after free in Windows SMB Server Network Transport Driver 
(srvnet. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57088 (Improper access control in Extensible Storage Engine (ESENT) 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57087 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57085 (Out-of-bounds read in Windows Print Spooler Components allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57084 (Use of uninitialized resource in Windows File Explorer allows 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57083 (Use of uninitialized resource in Microsoft Windows Codecs 
Library allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56650 (Heap-based buffer overflow in Windows Network File System 
allows an au ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56649 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56648 (Time-of-check time-of-use (toctou) race condition in Windows 
Network F ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56647 (Integer overflow or wraparound in Windows Remote Access 
Service Infras ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56644 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56643 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56642 (Stack-based buffer overflow in Microsoft Fabric Data Warehouse 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56451 (A vulnerability has been identified in Opcenter X (All 
versions < V260 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2026-56197 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56196 (Relative path traversal in Windows Admin Center allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56195 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56194 (Heap-based buffer overflow in Windows Network File System 
allows an au ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56193 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56192 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56190 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56189 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56188 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56187 (Use after free in Windows MIDI Service Module allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56186 (Out-of-bounds read in Windows Schannel allows an authorized 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56185 (Improper authentication in Windows Admin Center allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56184 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56183 (Use after free in Windows MIDI Service Module allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56182 (Integer overflow or wraparound in Windows NTFS allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56181 (Origin validation error in Windows Network Address Translation 
(NAT) a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56178 (Time-of-check time-of-use (toctou) race condition in Microsoft 
Defende ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56176 (Out-of-bounds read in Windows Win32K - GRFX allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56175 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56173 (Use after free in Windows WebView allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56170 (Allocation of resources without limits or throttling in 
ASP.NET Core a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56169 (Improper authentication in Windows Admin Center allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56168 (Null pointer dereference in Windows SMB Server allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56164 (Missing authentication for critical function in Microsoft 
Office Share ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56159 (Heap-based buffer overflow in Windows DHCP Server allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56157 (Improper access control in Microsoft Office SharePoint allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56156 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56155 (Insufficient granularity of access control in Active Directory 
Federat ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55954 (Authentication Bypass by Spoofing vulnerability in ueberauth 
ueberauth ...)
        TODO: check
 CVE-2026-55949 (Use of uninitialized resource in Microsoft Office Excel allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55948 (Use after free in Microsoft Office Excel allows an 
unauthorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55947 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55944 (Deserialization of untrusted data in Microsoft Dynamics NAV 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55899 (Stack-based buffer overflow in Microsoft Office Excel allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55898 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55651 (Easy!Appointments is a self hosted appointment scheduler. In 
version 1 ...)
        TODO: check
 CVE-2026-55145 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55144 (Missing cryptographic step in Windows CryptoAPI allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55142 (Numeric truncation error in Microsoft Office Word allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55141 (Stack-based buffer overflow in Microsoft Office Excel allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55140 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55139 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55138 (Untrusted pointer dereference in Microsoft Office Excel allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55137 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55136 (Untrusted pointer dereference in Microsoft Office Excel allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55135 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55134 (Stack-based buffer overflow in Microsoft Office Word allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55133 (Heap-based buffer overflow in Microsoft Office OneNote allows 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55132 (Double free in Microsoft Office Word allows an unauthorized 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55131 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55130 (Heap-based buffer overflow in Microsoft Office Word allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55129 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55128 (Use after free in Microsoft Office Word allows an unauthorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55127 (Heap-based buffer overflow in Microsoft Office Word allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55126 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55125 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55124 (Improper validation of specified type of input in Microsoft 
Office Wor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55123 (Heap-based buffer overflow in Microsoft Office PowerPoint 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55122 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55121 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55120 (Heap-based buffer overflow in Microsoft Office PowerPoint 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55058 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55057 (Integer overflow or wraparound in Microsoft Office allows an 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55056 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55055 (Stack-based buffer overflow in Microsoft Office Word allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55054 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55053 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55052 (Missing authorization in Microsoft Office SharePoint allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55051 (Server-side request forgery (ssrf) in Microsoft Office 
SharePoint allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55050 (Out-of-bounds read in Microsoft Office Word allows an 
unauthorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55049 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55048 (Integer overflow or wraparound in Microsoft Office Excel 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55047 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55046 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55045 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55044 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55043 (Heap-based buffer overflow in Microsoft Office PowerPoint 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55042 (Use of uninitialized resource in Microsoft Office allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55041 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55040 (Weak authentication in Microsoft Office SharePoint allows an 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55039 (Integer underflow (wrap or wraparound) in Microsoft Office 
Excel allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55038 (Stack-based buffer overflow in Microsoft Office Word allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55037 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55036 (Buffer over-read in Microsoft Office Excel allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55035 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55034 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55033 (Integer overflow or wraparound in Microsoft Office Word allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55032 (Use after free in Microsoft Office Word allows an unauthorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55031 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55030 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55029 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55028 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55027 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55026 (Integer overflow or wraparound in Microsoft Office allows an 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55025 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55024 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55023 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55022 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55021 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55020 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55019 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55018 (Use after free in Microsoft Office allows an unauthorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55017 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55016 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55014 (Improper access control in Windows Remote Help Defense allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55012 (Integer overflow or wraparound in Microsoft Defender allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55011 (Integer underflow (wrap or wraparound) in Microsoft Defender 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55010 (Heap-based buffer overflow in Minecraft Bedrock Dedicated 
Server allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55009 (Deserialization of untrusted data in Microsoft Exchange Server 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55008 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55006 (Insufficient granularity of access control in Microsoft 
Exchange Serve ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55005 (Heap-based buffer overflow in Microsoft Exchange Server allows 
an auth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55004 (Double free in Microsoft Printer Drivers allows an authorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55003 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55002 (External control of file name or path in SQL Server allows an 
authoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55001 (Improper certificate validation in Windows Active Directory 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55000 (Use after free in Windows USB Print Driver allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54999 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54997 (Use of uninitialized resource in Windows SMB allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54996 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54995 (Use after free in Reliable Multicast Transport Driver (RMCAST) 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54993 (Heap-based buffer overflow in Microsoft Windows Media 
Foundation allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54992 (Heap-based buffer overflow in Windows Message Queuing Queue 
Manager al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54991 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54990 (Heap-based buffer overflow in Remote Desktop Client allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54989 (Use after free in Quality Windows Audio/Video Experience 
(QWAVE) servi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54988 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54987 (Heap-based buffer overflow in Windows Overlay Filter allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54986 (Heap-based buffer overflow in Windows Win32K allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54983 (Stack-based buffer overflow in Active Directory Federation 
Services (A ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54982 (Integer underflow (wrap or wraparound) in Reliable Multicast 
Transport ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54684 (jadx is a Dex to Java decompiler. From 1.5.2 to 1.5.5, a 
malicious .xa ...)
        TODO: check
 CVE-2026-54572 (Rclone is a command-line program to sync files and directories 
to and  ...)
        TODO: check
 CVE-2026-54429 (A vulnerability has been identified in SIMATIC S7-PLCSIM 
Advanced (All ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2026-54132 (Heap-based buffer overflow in Windows Kernel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54131 (Use after free in Microsoft Office Excel allows an 
unauthorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54129 (Use after free in Windows Hyper-V allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54128 (Use after free in Windows DHCP Client allows an unauthorized 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54127 (Use after free in Windows Hyper-V allows an unauthorized 
attacker to e ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54126 (Out-of-bounds read in Windows RDP allows an unauthorized 
attacker to d ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54125 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54124 (Integer overflow or wraparound in Windows Terminal allows an 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54122 (Heap-based buffer overflow in Windows GDI+ allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54121 (Improper authorization in Active Directory Certificate 
Services (AD CS ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54119 (Loop with unreachable exit condition ('infinite loop') in 
Windows Acti ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54118 (Deserialization of untrusted data in SQL Server allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54117 (Deserialization of untrusted data in SQL Server allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54116 (Access of resource using incompatible type ('type confusion') 
in SQL S ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54115 (Integer overflow or wraparound in Windows Active Directory 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54114 (Use after free in Windows Win32K allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54112 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54111 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54109 (Integer overflow or wraparound in Windows Resilient File 
System (ReFS) ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54108 (External control of file name or path in Microsoft Office 
SharePoint a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54107 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54058 (Pillow is a Python imaging library. Prior to 12.3.0, when 
Pillow loads ...)
        TODO: check
 CVE-2026-53633 (Vitest is a testing framework powered by Vite. From 3.0.0 
until 3.2.5, ...)
        TODO: check
 CVE-2026-53566 (Out-of-bounds read vulnerability in Citrix Citrix Secure 
Access Client ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2026-53565 (Improper Privilege Management vulnerability in Citrix Secure 
Access Cl ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2026-53486 (The decompress package for Node.js extracts archives. Prior to 
10.2.1  ...)
        TODO: check
 CVE-2026-52841 (Easy!Appointments is a self hosted appointment scheduler. In 
versions  ...)
@@ -639,529 +639,529 @@ CVE-2026-51807 (Buffer Overflow vulnerability in 
OpenHTJ2K v.0.18.4 and before a
 CVE-2026-51105 (Buffer Overflow vulnerability in aMULE-Project aMule v.2.3.3 
allows a  ...)
        TODO: check
 CVE-2026-50697 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50696 (Heap-based buffer overflow in Windows Internet Key Exchange 
(IKE) Prot ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50695 (Stack-based buffer overflow in Active Directory Federation 
Services al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50694 (Use after free in Windows Secure Socket Tunneling Protocol 
(SSTP) allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50692 (Heap-based buffer overflow in Desktop Window Manager allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50690 (Use of uninitialized resource in Windows SMB allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50689 (Use after free in Windows Clipboard Server allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50688 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50687 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50686 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50685 (Double free in Windows DHCP Server allows an authorized 
attacker to ex ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50684 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50683 (Heap-based buffer overflow in Windows DHCP Server allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50682 (Out-of-bounds read in Windows Active Directory allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50681 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50680 (Heap-based buffer overflow in Windows Hyper-V allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50679 (Heap-based buffer overflow in Microsoft Windows Search 
Component allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50678 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50677 (Use after free in Windows Media allows an authorized attacker 
to eleva ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50676 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50675 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50674 (Use after free in Windows USB Print Driver allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50673 (Null pointer dereference in Windows Kernel allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50672 (Use after free in Windows NTFS allows an authorized attacker 
to elevat ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50670 (Out-of-bounds read in Windows Kernel allows an authorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50669 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50668 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50667 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50666 (Use after free in Windows Remote Access Connection Manager 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50665 (Out-of-bounds read in Microsoft Office allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50663 (Relative path traversal in Age of Empires II: Definitive 
Edition Game  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50661 (Protection mechanism failure in Windows BitLocker allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50659 (Improper encoding or escaping of output in .NET allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50658 (Time-of-check time-of-use (toctou) race condition in Microsoft 
Defende ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50657 (Exposure of private personal information to an unauthorized 
actor in M ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50655 (Heap-based buffer overflow in Windows Media allows an 
unauthorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50653 (Loop with unreachable exit condition ('infinite loop') in 
Azure Active ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50652 (Deserialization of untrusted data in Azure Active Directory 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50651 (Allocation of resources without limits or throttling in .NET 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50650 (Improper control of generation of code ('code injection') in 
.NET Fram ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50649 (Deserialization of untrusted data in .NET allows an 
unauthorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50648 (Allocation of resources without limits or throttling in .NET 
Framework ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50647 (Loop with unreachable exit condition ('infinite loop') in 
Active Direc ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50646 (Protection mechanism failure in .NET Framework allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50528 (Incorrect authorization in .NET allows an unauthorized 
attacker to byp ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50527 (Stack-based buffer overflow in .NET Framework allows an 
unauthorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50526 (Improper link resolution before file access ('link following') 
in .NET ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50525 (Allocation of resources without limits or throttling in .NET 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50524 (Improper validation of specified type of input in .NET 
Framework allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50522 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50520 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50518 (Heap-based buffer overflow in Windows DHCP Server allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50510 (Improper restriction of names for files and other resources in 
Github  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50509 (Deserialization of untrusted data in Windows Wireless Wide 
Area Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50506 (Allocation of resources without limits or throttling in 
ASP.NET Core a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50505 (Use after free in Windows Message Queuing allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50504 (Buffer over-read in Remote Desktop Client allows an 
unauthorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50503 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50502 (Insufficient granularity of access control in Windows Event 
Logging Se ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50501 (Stack-based buffer overflow in Windows Resilient File System 
(ReFS) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50500 (Use after free in Windows Netlogon allows an authorized 
attacker to el ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50499 (Heap-based buffer overflow in Windows Print Spooler Components 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50498 (Windows Universal Disk Format File System Driver (UDFS) 
Elevation of P ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50497 (Off-by-one error in Windows Remote Desktop Protocol allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50496 (Out-of-bounds read in Windows Network Policy Server SNMP 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50495 (Improper access control in Microsoft Windows DNS allows an 
authorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50494 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50493 (Use after free in Windows Graphics Kernel allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50492 (Heap-based buffer overflow in Windows Resilient File System 
(ReFS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50491 (Out-of-bounds read in Code Integrity DLL (ci.dll) allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50490 (Use after free in Windows Installer allows an authorized 
attacker to e ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50489 (Heap-based buffer overflow in Windows Win32K allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50488 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50487 (Use after free in Microsoft Windows DNS allows an unauthorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50486 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50485 (Buffer over-read in Windows Hyper-V allows an authorized 
attacker to d ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50484 (Heap-based buffer overflow in Windows Kernel allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50483 (Exposure of sensitive information to an unauthorized actor in 
Microsof ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50482 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50480 (Heap-based buffer overflow in Windows Web Proxy Auto-Discovery 
Protoco ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50479 (Untrusted pointer dereference in Windows USB Hub Driver allows 
an auth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50478 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50477 (Heap-based buffer overflow in Windows Kernel allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50476 (Use after free in Microsoft Windows allows an authorized 
attacker to e ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50475 (Buffer over-read in Windows Kernel allows an authorized 
attacker to di ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50474 (Use after free in Remote Desktop Client allows an unauthorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50473 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50471 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50470 (Out-of-bounds read in Windows Network Policy Server SNMP 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50469 (Improper link resolution before file access ('link following') 
in Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50468 (Buffer over-read in SQL Server allows an authorized attacker 
to disclo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50467 (Use after free in Microsoft Office allows an unauthorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50466 (Use after free in Windows Brokering File System allows an 
authorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50465 (Improper access control in Microsoft Windows DNS allows an 
authorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50463 (Out-of-bounds read in Windows Kernel allows an unauthorized 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50462 (External control of file name or path in Windows Ancillary 
Function Dr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50461 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50460 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50459 (Use after free in Windows Kernel allows an unauthorized 
attacker to el ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50458 (Use after free in Microsoft Brokering File System allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50457 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50456 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50455 (Use of uninitialized resource in Universal Plug and Play 
(upnp.dll) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50454 (Relative path traversal in Windows User Interface Core allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50453 (Out-of-bounds read in Windows USB Audio Class driver 
(usbaudio.sys) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50452 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50451 (Missing authentication for critical function in Windows 
Routing and Re ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50450 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50449 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50448 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50447 (Heap-based buffer overflow in Windows Message Queuing allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50445 (Buffer over-read in Windows RDP allows an unauthorized 
attacker to dis ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50444 (Missing authentication for critical function in Windows Server 
Update  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50442 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50441 (Untrusted pointer dereference in Windows Resilient File System 
(ReFS)  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50440 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50439 (Use after free in Microsoft Message Queuing Queue Manager 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50438 (Improper link resolution before file access ('link following') 
in Micr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50437 (Out-of-bounds read in Windows DWM Core Library allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50436 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50435 (Buffer over-read in Windows Overlay Filter allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50434 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50433 (Use after free in Windows Media allows an authorized attacker 
to eleva ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50432 (Use after free in Windows Virtual Filtering Platform (VFP) 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50431 (Windows Quality of Service (QoS) Packet Scheduler Information 
Disclosu ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50430 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50429 (Out-of-bounds read in Windows Kernel allows an unauthorized 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50428 (Out-of-bounds read in Windows Container Isolation FS Filter 
Driver (un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50427 (Use after free in Content Delivery Manager allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50426 (Relative path traversal in DNS Server allows an authorized 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50425 (Use after free in Windows Internal System User Profile allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50424 (Untrusted pointer dereference in Windows Domain Controller 
allows an u ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50423 (Improper access control in Windows Kernel allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50422 (Out-of-bounds read in Windows NTFS allows an authorized 
attacker to el ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50421 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50420 (Out-of-bounds read in Windows HTTP.sys allows an unauthorized 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50419 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50418 (Improper access control in Windows System allows an 
unauthorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50417 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50416 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50415 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50414 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50413 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50412 (Stack-based buffer overflow in Windows NTFS allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50411 (Stack-based buffer overflow in Active Directory Federation 
Services (A ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50410 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50409 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50408 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50407 (Heap-based buffer overflow in Windows Resilient File System 
(ReFS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50406 (Use after free in Windows Backup Engine allows an authorized 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50405 (Insufficient granularity of access control in Windows 
Filtering Platfo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50404 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50403 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50402 (Incorrect conversion between numeric types in Windows NTFS 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50401 (Out-of-bounds read in Windows Cloud Files Mini Filter Driver 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50400 (Stack-based buffer overflow in Windows App Installer allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50399 (Out-of-bounds read in Windows Kernel allows an authorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50398 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50397 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50396 (Use after free in Windows Kernel-Mode Drivers allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50394 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50393 (Use after free in Windows Kernel-Mode Drivers allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50392 (Use after free in Windows Secure Kernel Mode allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50391 (Improper privilege management in Windows Group Policy allows 
an author ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50390 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50389 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50388 (Out-of-bounds read in Windows NTFS allows an unauthorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50387 (Stack-based buffer overflow in Windows GDI allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50386 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50385 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50384 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50383 (Buffer over-read in Windows Print Spooler Components allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50382 (Untrusted pointer dereference in Windows DirectX allows an 
authorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50381 (Access of resource using incompatible type ('type confusion') 
in Compo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50380 (Heap-based buffer overflow in Windows GDI+ allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50379 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50378 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50377 (Out-of-bounds read in Windows Kernel allows an authorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50376 (Use of uninitialized resource in Windows RDP allows an 
unauthorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50375 (Heap-based buffer overflow in Windows DirectX allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50374 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50373 (Improper access control in Microsoft Windows Search Component 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50372 (Buffer over-read in Windows Redirected Drive Buffering allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50371 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50370 (Heap-based buffer overflow in Windows DHCP Server allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50369 (Use after free in Windows Remote Desktop Services allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50368 (Stack-based buffer overflow in Active Directory Federation 
Services al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50367 (Incorrect access of indexable resource ('range error') in 
Windows Sens ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50366 (Null pointer dereference in Active Directory Domain Services 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50365 (Improper authentication in Windows RPC API allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50364 (Improper link resolution before file access ('link following') 
in Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50363 (Heap-based buffer overflow in Windows Push Notifications 
allows an aut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50362 (Heap-based buffer overflow in Windows Resilient File System 
(ReFS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50361 (Double free in Microsoft Brokering File System allows an 
authorized at ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50360 (Incorrect implementation of authentication algorithm in 
Windows SMB Se ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50359 (Use after free in Microsoft XML Core Services allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50358 (Use after free in Windows Media allows an authorized attacker 
to eleva ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50357 (Numeric truncation error in Windows Resilient File System 
(ReFS) allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50356 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50355 (Stack-based buffer overflow in Active Directory Federation 
Services al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50354 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50353 (Use after free in Windows DirectX allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50352 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50351 (Improper access control in Windows Audio Compression Manager 
(ACM) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50350 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50348 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50347 (Heap-based buffer overflow in Windows Data dll allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50346 (Improper authorization in RPC Runtime allows an authorized 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50345 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50344 (Improper authorization in Windows OLE allows an authorized 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50343 (Improper privilege management in Microsoft Install Service 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50342 (Improper access control in Windows MIDI Service Module allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50341 (Buffer over-read in Windows NTFS allows an authorized attacker 
to disc ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50340 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50339 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50338 (Improper authentication in Azure Spring Apps allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50337 (Incorrect type conversion or cast in Windows Notification 
allows an au ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50336 (Heap-based buffer overflow in Windows Media allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50335 (Improper access control in Windows Operating Systems allows an 
authori ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50334 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50333 (Missing authentication for critical function in Windows 
Spaceport.sys  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50332 (Heap-based buffer overflow in Windows Kernel allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50331 (Use after free in Windows Application Model allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50330 (Heap-based buffer overflow in Remote Desktop Client allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50329 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50328 (Uncaught exception in Windows Server Update Service allows an 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50327 (Heap-based buffer overflow in Windows Media allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50326 (Use after free in Windows Unified Consent System allows an 
authorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50325 (Improper access control in Windows Win32K allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50324 (Loop with unreachable exit condition ('infinite loop') in 
Active Direc ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50323 (Use after free in Windows Runtime allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50322 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50321 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50318 (Stack-based buffer overflow in Windows Resilient File System 
(ReFS) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50317 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50316 (Insertion of sensitive information into log file in Windows 
Kernel all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50315 (Null pointer dereference in Windows Image Acquisition allows 
an author ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50314 (Use after free in Microsoft Office allows an unauthorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50313 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50312 (Use after free in Windows Ancillary Function Driver for 
WinSock allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50311 (Improper access control in Windows Server allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50310 (Integer overflow or wraparound in Windows Devices Human 
Interface allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50309 (Heap-based buffer overflow in Windows NTFS allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50308 (Integer underflow (wrap or wraparound) in Windows NTFS allows 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50307 (Use after free in Windows TCP/IP allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50306 (Use after free in Windows TCP/IP allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50305 (Use after free in Microsoft Brokering File System allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50304 (Stack-based buffer overflow in Active Directory Federation 
Services al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50303 (Use of a cryptographic primitive with a risky implementation 
in Window ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50302 (Improper certificate validation in Windows Cryptographic 
Services allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50301 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50300 (Integer underflow (wrap or wraparound) in Windows Kernel 
allows an aut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50299 (Integer overflow or wraparound in Windows Storage Spaces 
Direct allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50298 (Integer overflow or wraparound in Windows Spaceport.sys allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50297 (Improper access control in Windows Win32K allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50296 (Use after free in Graphics Kernel allows an authorized 
attacker to ele ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50295 (Improper privilege management in Microsoft Windows DNS allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50294 (Exposure of sensitive system information to an unauthorized 
control sp ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50293 (Use after free in Windows Internal Task Bar allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-50130 (Pi-hole is a DNS sinkhole that protects devices from unwanted 
content  ...)
        TODO: check
 CVE-2026-4018 (TOCTOU Race Condition in specific trace commands of the 
TraceEvent() s ...)
-       TODO: check
+       NOT-FOR-US: Blackberry
 CVE-2026-4017 (Buffer Overflow in the entry handler of the TraceEvent() system 
call c ...)
-       TODO: check
+       NOT-FOR-US: Blackberry
 CVE-2026-49981 (Twig is a template language for PHP. Prior to 3.27.0, the 
per-template ...)
        TODO: check
 CVE-2026-49978 (DOMPurify is a DOM-only cross-site scripting sanitizer for 
HTML, MathM ...)
@@ -1173,53 +1173,53 @@ CVE-2026-49854 (Tornado is a Python web framework and 
asynchronous networking li
 CVE-2026-49853 (Tornado is a Python web framework and asynchronous networking 
library. ...)
        TODO: check
 CVE-2026-49808 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49807 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49806 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49805 (Improper access control in Windows Win32K allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49804 (Heap-based buffer overflow in Windows USB Video Driver allows 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49803 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49802 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49801 (Use of uninitialized resource in Windows SMB allows an 
authorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49800 (Integer overflow or wraparound in Windows Web Proxy 
Auto-Discovery Pro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49799 (Uncontrolled resource consumption in Windows Local Security 
Authority  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49798 (Use after free in Windows Kernel allows an unauthorized 
attacker to el ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49797 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49796 (Heap-based buffer overflow in Windows GDI+ allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49795 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49794 (Out-of-bounds read in Windows USB Audio Class driver 
(usbaudio.sys) al ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49793 (Heap-based buffer overflow in Windows Resilient File System 
(ReFS) all ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49792 (Numeric truncation error in Windows Resilient File System 
(ReFS) allow ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49791 (Improper link resolution before file access ('link following') 
in Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49790 (Windows Universal Disk Format File System Driver (UDFS) 
Elevation of P ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49789 (Stack-based buffer overflow in Windows NTFS allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49788 (Allocation of resources without limits or throttling in HTTP/2 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49787 (Allocation of resources without limits or throttling in 
Windows HTTP.s ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49784 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49783 (Improperly implemented security check for standard in Windows 
Secure B ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49477 (Soup Sieve is a CSS selector library designed to be used with 
Beautifu ...)
        TODO: check
 CVE-2026-49476 (Soup Sieve is a CSS selector library designed to be used with 
Beautifu ...)
@@ -1229,45 +1229,45 @@ CVE-2026-49459 (DOMPurify is a DOM-only cross-site 
scripting sanitizer for HTML,
 CVE-2026-49458 (DOMPurify is a DOM-only cross-site scripting sanitizer for 
HTML, MathM ...)
        TODO: check
 CVE-2026-49184 (Heap-based buffer overflow in Windows NTFS allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49183 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49181 (Integer underflow (wrap or wraparound) in Windows DHCP Client 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49180 (Improper link resolution before file access ('link following') 
in Univ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49178 (Heap-based buffer overflow in Active Directory Domain Services 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49177 (Out-of-bounds read in Windows TCP/IP allows an authorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49176 (Improper privilege management in Windows WalletService allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49175 (Heap-based buffer overflow in Windows DNS allows an authorized 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49174 (Missing authentication for critical function in Microsoft 
Windows DNS  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49173 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49172 (Heap-based buffer overflow in Windows FTP Service allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49171 (Use after free in Microsoft Windows Speech allows an 
authorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49170 (Insufficient granularity of access control in Windows 
StateRepository  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49169 (Use after free in DNS Server allows an authorized attacker to 
execute  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49168 (Integer overflow or wraparound in Windows Storage Spaces 
Direct allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49167 (Use after free in Windows Kernel allows an authorized attacker 
to elev ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49166 (Use after free in Microsoft Printer Drivers allows an 
authorized attac ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49165 (Use of uninitialized resource in Microsoft Windows App Store 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49164 (Heap-based buffer overflow in Active Directory Domain Services 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-49162 (Use after free in Microsoft Brokering File System allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48816 (sigstore-js provides JavaScript libraries for interacting with 
Sigstor ...)
        TODO: check
 CVE-2026-48815 (sigstore-js provides JavaScript libraries for interacting with 
Sigstor ...)
@@ -1277,159 +1277,159 @@ CVE-2026-48801 (linkify-it is a links recognition 
library with full Unicode supp
 CVE-2026-48758 (sigstore-js provides JavaScript libraries for interacting with 
Sigstor ...)
        TODO: check
 CVE-2026-48581 (Insufficient granularity of access control in Microsoft 
Surface allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48580 (Untrusted pointer dereference in Microsoft Office Excel allows 
an unau ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48572 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48571 (Use after free in Windows App Installer allows an authorized 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48564 (Heap-based buffer overflow in Windows DHCP Server allows an 
authorized ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48561 (Improper neutralization of special elements used in a command 
('comman ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-48371 (Adobe Commerce is affected by a stored Cross-Site Scripting 
(XSS) vuln ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48370 (Media Encoder is affected by an out-of-bounds write 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48369 (Premiere Pro is affected by an out-of-bounds write 
vulnerability that  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48368 (Audition is affected by an out-of-bounds write vulnerability 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48367 (After Effects is affected by an out-of-bounds write 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48366 (Media Encoder is affected by an out-of-bounds write 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48365 (Audition is affected by an out-of-bounds write vulnerability 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48359 (Adobe Experience Manager is affected by an Improper 
Restriction of XML ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48358 (Adobe Commerce is affected by an Improper Encoding or Escaping 
of Outp ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48357 (CAI Content Credentials is affected by an Uncontrolled 
Resource Consum ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48356 (Adobe Commerce is affected by an Unrestricted Upload of File 
with Dang ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48355 (Adobe Experience Manager is affected by a stored Cross-Site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48354 (CAI Content Credentials is affected by an Integer Overflow or 
Wraparou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48353 (CAI Content Credentials is affected by an Improper Input 
Validation vu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48352 (CAI Content Credentials is affected by an Improper Input 
Validation vu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48351 (CAI Content Credentials is affected by an Improper Input 
Validation vu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48350 (Animate is affected by an Improper Limitation of a Pathname to 
a Restr ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48349 (Animate is affected by an Incorrect Authorization 
vulnerability that c ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48348 (Animate is affected by an Incorrect Authorization 
vulnerability that c ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48347 (Animate is affected by an Improper Neutralization of Special 
Elements  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48346 (Animate is affected by an Untrusted Search Path vulnerability 
that cou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48345 (Animate is affected by an Improper Neutralization of Special 
Elements  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48344 (Creative Cloud Desktop is affected by a Time-of-check 
Time-of-use (TOC ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48343 (Bridge is affected by an out-of-bounds write vulnerability 
that could  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48342 (Bridge is affected by an Integer Overflow or Wraparound 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48341 (Bridge is affected by an out-of-bounds write vulnerability 
that could  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48340 (Bridge is affected by an Untrusted Pointer Dereference 
vulnerability t ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48339 (Bridge is affected by a Heap-based Buffer Overflow 
vulnerability that  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48338 (ColdFusion is affected by an Improper Limitation of a Pathname 
to a Re ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48337 (Illustrator is affected by an out-of-bounds write 
vulnerability that c ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48336 (Illustrator is affected by an out-of-bounds write 
vulnerability that c ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48335 (Illustrator is affected by an out-of-bounds write 
vulnerability that c ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48334 (Illustrator is affected by an Improper Input Validation 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48332 (ColdFusion is affected by a Server-Side Request Forgery (SSRF) 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48329 (ColdFusion is affected by an Insufficient Session Expiration 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48328 (ColdFusion is affected by an Improper Input Validation 
vulnerability t ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48327 (ColdFusion is affected by an Incorrect Authorization 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48325 (ColdFusion is affected by a Missing Authentication for 
Critical Functi ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48324 (ColdFusion is affected by an Improper Neutralization of 
Special Elemen ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48322 (ColdFusion is affected by an Improper Control of Generation of 
Code (' ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48321 (ColdFusion is affected by an Incorrect Authorization 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48320 (ColdFusion is affected by a reflected Cross-Site Scripting 
(XSS) vulne ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48319 (ColdFusion is affected by an Improper Limitation of a Pathname 
to a Re ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48318 (ColdFusion is affected by an Improper Limitation of a Pathname 
to a Re ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48312 (CAI Content Credentials is affected by an Improper Input 
Validation vu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48311 (Bridge is affected by an out-of-bounds write vulnerability 
that could  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48310 (Adobe Experience Manager is affected by an Improper Limitation 
of a Pa ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48309 (Audition is affected by an out-of-bounds write vulnerability 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48308 (Premiere Pro is affected by an Improper Input Validation 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48302 (CAI Content Credentials is affected by an Improper Input 
Validation vu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48298 (CAI Content Credentials is affected by an Integer Underflow 
(Wrap or W ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48296 (CAI Content Credentials is affected by an Integer Underflow 
(Wrap or W ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48295 (CAI Content Credentials is affected by an Insufficiently 
Protected Cre ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48290 (CAI Content Credentials is affected by a Server-Side Request 
Forgery ( ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48287 (CAI Content Credentials is affected by an Untrusted Search 
Path vulner ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48284 (ColdFusion is affected by an Improper Input Validation 
vulnerability t ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48275 (Illustrator is affected by an Untrusted Search Path 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48274 (After Effects is affected by an out-of-bounds write 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48272 (Creative Cloud Desktop is affected by an Uncontrolled Search 
Path Elem ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48270 (Premiere Pro is affected by an out-of-bounds write 
vulnerability that  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48269 (Premiere Pro is affected by a Heap-based Buffer Overflow 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48263 (Adobe Experience Manager is affected by a stored Cross-Site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48262 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48261 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48260 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48259 (Adobe Experience Manager is affected by a Server-Side Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48257 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48255 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48254 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48253 (Adobe Experience Manager is affected by a DOM-based Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48252 (Adobe Experience Manager is affected by a Missing 
Authentication for C ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48125 (UAParser.js is a JavaScript library to detect browsers, 
operating syst ...)
        TODO: check
 CVE-2026-48069 (@grpc/grps-js implements the core functionality of gRPC purely 
in Java ...)
@@ -1439,39 +1439,39 @@ CVE-2026-48068 (@grpc/grps-js implements the core 
functionality of gRPC purely i
 CVE-2026-48038 (joi is a schema description language and data validator for 
JavaScript ...)
        TODO: check
 CVE-2026-48001 (Adobe Commerce is affected by an Information Exposure 
vulnerability th ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-48000 (Adobe Commerce is affected by an Improper Redirect (Open 
Redirect) vul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47999 (Adobe Commerce is affected by a stored Cross-Site Scripting 
(XSS) vuln ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47998 (Adobe Commerce is affected by an Incorrect Authorization 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47997 (Adobe Commerce is affected by an Incorrect Authorization 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47996 (Adobe Commerce is affected by an Incorrect Authorization 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47995 (Adobe Commerce is affected by a stored Cross-Site Scripting 
(XSS) vuln ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47994 (Adobe Commerce is affected by a stored Cross-Site Scripting 
(XSS) vuln ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47992 (Adobe Commerce is affected by an Improper Neutralization of 
Special El ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47988 (Adobe Commerce is affected by an Incorrect Authorization 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47984 (Adobe Commerce is affected by an Incorrect Authorization 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47979 (Media Encoder is affected by an out-of-bounds read 
vulnerability that  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47976 (Media Encoder is affected by an out-of-bounds write 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47971 (Media Encoder is affected by a Stack-based Buffer Overflow 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47969 (Audition is affected by an out-of-bounds read vulnerability 
that could ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47968 (Audition is affected by an out-of-bounds write vulnerability 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47967 (Audition is affected by an out-of-bounds write vulnerability 
that coul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2026-47767 (Symfony is a PHP framework for web and console applications 
and a set  ...)
        TODO: check
 CVE-2026-47737 (Puma is a Ruby/Rack web server built for parallelism. From 
5.5.0 until ...)
@@ -1479,33 +1479,33 @@ CVE-2026-47737 (Puma is a Ruby/Rack web server built 
for parallelism. From 5.5.0
 CVE-2026-47736 (Puma is a Ruby/Rack web server built for parallelism. From 
5.5.0 until ...)
        TODO: check
 CVE-2026-47642 (Use after free in Microsoft Office Excel allows an 
unauthorized attack ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47632 (Improper certificate validation in Azure Monitor Agent allows 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47482 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47481 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47480 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47479 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47478 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47477 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47476 (NVIDIA Triton Inference Server for Linux contains a 
vulnerability wher ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47475 (NVIDIA TensorRT-LLM contains a vulnerability in the 
OpenAI-compatible  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47473 (NVIDIA TensorRT-LLM contains a vulnerability where an attacker 
could c ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47472 (NVIDIA TensorRT-LLM contains a vulnerability in its 
inter-process comm ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47471 (NVIDIA TensorRT-LLM for any platform contains a vulnerability 
in tenso ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47470 (NVIDIA TensorRT-LLM for any platform contains a vulnerability 
in the g ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-47429 (Vitest is a testing framework powered by Vite. Prior to 3.2.5 
and 4.1. ...)
        TODO: check
 CVE-2026-47428 (Vitest is a testing framework powered by Vite. From 4.0.17 
until 4.1.6 ...)
@@ -1513,57 +1513,57 @@ CVE-2026-47428 (Vitest is a testing framework powered 
by Vite. From 4.0.17 until
 CVE-2026-47423 (DOMPurify is a DOM-only cross-site scripting sanitizer for 
HTML, MathM ...)
        TODO: check
 CVE-2026-47305 (Protection mechanism failure in Visual Studio allows an 
unauthorized a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47304 (Improper verification of cryptographic signature in .NET 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47303 (Authentication bypass by assumed-immutable data in ASP.NET 
Core allows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47302 (Allocation of resources without limits or throttling in .NET 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47301 (Improper access control in Microsoft Configuration Manager 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47300 (Incorrect implementation of authentication algorithm in 
ASP.NET Core a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47296 (Improper neutralization of special elements used in an sql 
command ('s ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47295 (Improper neutralization of special elements used in an sql 
command ('s ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47290 (Use after free in Microsoft Office allows an unauthorized 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-47282 (Insufficiently protected credentials in GitHub Copilot and 
Visual Stud ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-45646 (Allocation of resources without limits or throttling in 
ASP.NET Core a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-45496 (Improper limitation of a pathname to a restricted directory 
('path tra ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-45363 (ruby-jwt is a Ruby implementation of the RFC 7519 OAuth JSON 
Web Token ...)
        TODO: check
 CVE-2026-44806 (Missing release of memory after effective lifetime in Windows 
Cryptogr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-44800 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-42990 (Heap-based buffer overflow in SQL Server ODBC driver allows an 
unautho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-42982 (Improper validation of consistency within input in Windows 
Secure Kern ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-42975 (Heap-based buffer overflow in Windows Bluetooth Port Driver 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-42936 (The installer of HYPER SBI 2 insecurely loads Dynamic Link 
Libraries.  ...)
        TODO: check
 CVE-2026-42900 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-42447 (jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx-gui is 
affected ...)
        TODO: check
 CVE-2026-42049 (jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx inserts 
the and ...)
        TODO: check
 CVE-2026-41087 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-40422 (Use of uninitialized resource in Windows File Explorer allows 
an autho ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-40400 (Relative path traversal in Windows PowerShell allows an 
authorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-40378 (Memory allocation with excessive size value in Windows Local 
Security  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-3014 (Milestone has released a new version of XProtect\xae (and 
several cumu ...)
        TODO: check
 CVE-2026-38450 (An issue in Aetopia Digital Asset Management DAM v.1.0.0 
allows a remo ...)
@@ -1573,41 +1573,41 @@ CVE-2026-36214 (osTicket versions from 1.10 up to 
1.17.7 and from 1.18.0 up to 1
 CVE-2026-36035 (Incorrect access control in the /api/License/deactivateOffline 
endpoin ...)
        TODO: check
 CVE-2026-34349 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-34348 (Protection mechanism failure in Windows Event Logging Service 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-34346 (Cleartext transmission of sensitive information in Windows 
Ancillary F ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-34328 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-33842 (Exposure of sensitive information to an unauthorized actor in 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-24272 (NVIDIA TensorRT contains a vulnerability where an attacker 
might cause ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24271 (NVIDIA TensorRT-LLM contains a vulnerability in the 
OpenAI-compatible  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24268 (NVIDIA TensorRT contains a vulnerability where an attacker 
might cause ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24259 (NVIDIA TensorRT-LLM for Linux contains a vulnerability where 
an attack ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24238 (NVIDIA TensorRT for contains a vulnerability where an attacker 
might c ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24234 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the 
multimod ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24233 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the 
restrict ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24229 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the 
disaggre ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24227 (NVIDIA TensorRT for contains a vulnerability where a user 
might cause  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24226 (NVIDIA TensorRT-LLM for Linux contains a vulnerability where 
an attack ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24220 (NVIDIA TensorRT-LLM for any platform contains a vulnerability 
in visua ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-23573 (An Improper Neutralization of Input During Web Page Generation 
('Cross ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2026-21840 (HCL BigFix Platform is affected by a user enumeration 
vulnerability wh ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2026-15778 (Insufficient validation of untrusted input in Navigation in 
Google Chr ...)
        TODO: check
 CVE-2026-15777 (Use after free in UI in Google Chrome on Linux prior to 
150.0.7871.125 ...)
@@ -1639,7 +1639,7 @@ CVE-2026-15765 (Use after free in Ozone in Google Chrome 
prior to 150.0.7871.125
 CVE-2026-15764 (Use after free in Ozone in Google Chrome on Linux prior to 
150.0.7871. ...)
        TODO: check
 CVE-2026-15757 (A security flaw was discovered in the NETGEAR DGND3700v1 that 
could al ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2026-15753 (A vulnerability was determined in zhinianboke 
xianyu-auto-reply on Ser ...)
        TODO: check
 CVE-2026-15752 (A vulnerability was found in zhinianboke xianyu-auto-reply up 
to dcb44 ...)
@@ -1651,13 +1651,13 @@ CVE-2026-15750 (A weakness has been identified in 
mastergo-design mastergo-magic
 CVE-2026-15749 (A security flaw has been discovered in mastergo-design 
mastergo-magic- ...)
        TODO: check
 CVE-2026-15738 (Incorrect behavior order in the Gateway API listener-rule 
generation i ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2026-15736 (Snowflake SQLAlchemy versions prior to 1.11.0 contain several 
security ...)
        TODO: check
 CVE-2026-15720 (InOpen5GS through version 2.7.7 a pre-authenticationheap 
out-of-bounds ...)
        TODO: check
 CVE-2026-15715 (A vulnerability was identified in SourceCodester Class and 
Exam Timeta ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-15714 (An out-of-bounds read vulnerability was found in libsoup's 
multipart p ...)
        TODO: check
 CVE-2026-15713 (A vulnerability was found in libsoup's HTTP/2 protocol 
implementation. ...)
@@ -1669,13 +1669,13 @@ CVE-2026-15711 (A vulnerability was found in libsoup's 
WebSocket frame parsing i
 CVE-2026-15709 (A flaw was found in libsoup's WebSocket implementation when 
using the  ...)
        TODO: check
 CVE-2026-15703 (A vulnerability was detected in SourceCodester Simple and Nice 
Shoppin ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-15702 (A security vulnerability has been detected in tamagui up to 
2.3.0. Thi ...)
        TODO: check
 CVE-2026-15701 (A weakness has been identified in Totolink NR1800X 
9.1.0u.6279_B202109 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2026-15700 (A security flaw has been discovered in DedeCMS 5.7.118. 
Affected by th ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2026-15699 (A vulnerability was identified in spencermountain compromise 
up to 14. ...)
        TODO: check
 CVE-2026-15698 (A vulnerability was determined in kofrasa mingo up to 7.2.1. 
This impa ...)
@@ -1683,131 +1683,131 @@ CVE-2026-15698 (A vulnerability was determined in 
kofrasa mingo up to 7.2.1. Thi
 CVE-2026-15697 (A vulnerability was found in svgdotjs svg.js up to 3.2.5. This 
affects ...)
        TODO: check
 CVE-2026-15696 (A vulnerability has been found in Tenda BE12 Pro 16.03.66.23. 
The impa ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15695 (A flaw has been found in Tenda BE12 Pro 16.03.66.23. The 
affected elem ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15694 (A vulnerability was detected in Tenda BE12 Pro 16.03.66.23. 
Impacted i ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15693 (A security vulnerability has been detected in Tenda BE12 Pro 
16.03.66. ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15692 (A weakness has been identified in Tenda BE12 Pro 16.03.66.23. 
This vul ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15691 (A security flaw has been discovered in Tenda BE12 Pro 
16.03.66.23. Thi ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15690 (A vulnerability was identified in open62541 up to 1.5.5. 
Affected by t ...)
        TODO: check
 CVE-2026-15643 (AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a 
Model C ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2026-15642 (Insertion of sensitive information into a file in the Recovery 
Kit res ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-15641 (Improper authorization in the access request status endpoint 
in Devolu ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-15637 (Improper authorization in the PAM SSH key and certificate 
retrieval  e ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-15429 (A privilege escalation vulnerability exists in the HTTP 
authentication ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-15428 (An OS command injection vulnerability exists in Archer VX800v 
v1 due t ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-15427 (An OS command injection vulnerability exists in the TR-069 / 
CWMP mana ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-15416 (A flaw was identified in Argo CD, the GitOps engine used by 
Red Hat Op ...)
-       TODO: check
+       NOT-FOR-US: Argo CD
 CVE-2026-15410 (Post-authentication improper control of generation of code 
('Code Inje ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-15409 (A Server-side request forgery (SSRF) vulnerability has been 
identified ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-15389 (A vulnerability relating to insufficient access control has 
been ident ...)
        TODO: check
 CVE-2026-15305 (Users were able to upload files with arbitrary MIME types to 
forms usi ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 (core or extensions)
 CVE-2026-15265 (A path traversal vulnerability in Tenable Agent 11.2.0 and 
11.1.3 and  ...)
        TODO: check
 CVE-2026-15183 (Multiple input validation vulnerabilities in the Snowflake 
Spark Conne ...)
        TODO: check
 CVE-2026-15076 (In versions up to and including 4.5.29 (4.x branch) and 5.1.4 
(5.x bra ...)
-       TODO: check
+       NOT-FOR-US: Eclipse
 CVE-2026-15075 (In Eclipse Vert.x versions up to and including 4.5.29 (4.x 
branch) and ...)
-       TODO: check
+       NOT-FOR-US: Eclipse
 CVE-2026-15058 (Improper authorization in the secure messages deletion 
endpoint in Dev ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-15030 (Out-of-bounds Read in ASUS System Control Interface v3, ASUS 
System Co ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-15029 (Untrusted Pointer Dereference in ASUS System Control Interface 
v3, ASU ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-14903 (Path traversal inIvantiXtractionbeforeversion2026.2.1allows a 
remote a ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2026-14902 (An open redirect in IvantiXtractionbeforeversion2026.2.1allows 
a remot ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2026-14852 (Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 
2.4.0 b ...)
        TODO: check
 CVE-2026-14646 (Nexus Repository 3 did not apply its existing Server-Side 
Request Forg ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2026-14645 (Nexus Repository 3 does not validate the destination of the 
"Webhook:  ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2026-14504 (An authorization bypass in Nexus Repository 3's component 
upload API a ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2026-13699 (In Eclipse KUKSA Databroker version 0.6.1, 
thekuksa.val.v2.VAL/Publish ...)
-       TODO: check
+       NOT-FOR-US: Eclipse
 CVE-2026-13585 (Allocation of Resources Without Limits and Throttling and 
Sensitive In ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-13385 (An Improper Validation of Integrity Check Value and Improper 
Certifica ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-13230 (An information disclosure vulnerability was identified in 
TP-Link Kasa ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-13001 (The Podlove Podcast Publisher plugin for WordPress is 
vulnerable to ar ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-12707 (Summary    Cloudflare quiche was discovered to be vulnerable 
to memory ...)
        TODO: check
 CVE-2026-12659 (A denial-of-service security issue exists in the affected 
products. Th ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-12606 (Eclipse Grizzly in versions before 5.0.2, cannot properly 
parse the tr ...)
        TODO: check
 CVE-2026-12588 (An attacker with access to an HX 10.0.0 and previous versions, 
may sen ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2026-12523 (Summary    Cloudflare quiche's HTTP/3 layer was discovered to 
be vulne ...)
        TODO: check
 CVE-2026-12512 (The Quotes llama WordPress plugin before 3.1.6 does not 
properly sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-12478 (The fix for CVE-2026-0716 (commit 6ff7ef0, libsoup 3.6.6) 
placed the i ...)
        TODO: check
 CVE-2026-12281 (The Shibboleth WordPress plugin before 2.5.4 does not fail 
closed when ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-11944 (openSIS Classic 9.3 contains an authenticated path traversal 
vulnerabi ...)
        TODO: check
 CVE-2026-11917 (A path traversal security issue exists within Rockwell 
AutomationThinM ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-11851 (Improper Neutralization of Special Elements used in an SQL 
Command ("S ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2026-11580 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-11579 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-11403 (A vulnerability in Sonatype Nexus Repository Manager's 
format-specific ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2026-10714 (A security issue exists within FactoryTalk\xae Services 
Platform (FTSP ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-10672 (subsys/net/lib/lwm2m/lwm2m_pull_context.c copied the 
firmware-update P ...)
-       TODO: check
+       NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-10671 (In Zephyr's kernel pipe implementation, the userspace syscall 
verifier ...)
-       TODO: check
+       NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-10670 (The CONFIG_USERSPACE verification handler for the 
k_thread_name_copy() ...)
-       TODO: check
+       NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-10669 (On Xtensa SoCs built with CONFIG_XTENSA_MPU and 
CONFIG_USERSPACE, arch ...)
-       TODO: check
+       NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-10577 (A security issue exists within the 1715-AENTR EtherNet/IP 
Adapter. The ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-10573 (A denial-of-service security issue exists in 
1734POINTI/O\u2122module. ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2026-10051 (In Eclipse Jetty, a first HTTP/1.1 request with trailers 
causes the se ...)
        TODO: check
 CVE-2026-0515 (Insufficient Parameter Validation in the SchedGet() system call 
could  ...)
-       TODO: check
+       NOT-FOR-US: Blackberry
 CVE-2025-8412 (A Buffer Copy without Checking Size of Input ('Classic Buffer 
Overflow ...)
        TODO: check
 CVE-2025-62826 (An Improper Neutralization of CRLF Sequences in HTTP Headers 
('HTTP Re ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-62675 (An Improper Neutralization of CRLF Sequences in HTTP Headers 
('HTTP Re ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-56365 (A reachable assertion vulnerability exists in the Matter SDK 
(connecte ...)
        TODO: check
 CVE-2025-56364 (A use of uninitialized value vulnerability exists in the 
Matter SDK (c ...)
@@ -1819,17 +1819,17 @@ CVE-2025-56362 (A reachable assertion vulnerability 
exists in the Matter SDK (co
 CVE-2025-56361 (A reachable assertion vulnerability exists in the Matter SDK 
(connecte ...)
        TODO: check
 CVE-2025-53379 (A out-of-bounds read vulnerability in Fortinet 
FortiAuthenticator 6.6. ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-43892 (A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 
through 7.6 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-40945 (A vulnerability has been identified in COMOS V10.4.5 (All 
versions < V ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-12012 (A denial-of-service issue exists 
in5380/5480/5580controllers.This vuln ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2025-12011 (A denial-of-service issue existsin5370/5570controllers. This 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2025-11698 (A denial-of-service issue exists 
in5380/5480/5580controllersbootfirmwa ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-7708 (For requests that have a body, but reading the body may end up 
in read ...)
        TODO: check
 CVE-2026-15719 (We are aware that exploit code for this is public however we 
are not a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97480210c6c6b7ba88ea1c0ac3c9675eadcd680

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97480210c6c6b7ba88ea1c0ac3c9675eadcd680
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to