[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 27 04:44:59 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c0e3b21 by Salvatore Bonaccorso at 2025-08-27T05:44:27+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26,9 +26,9 @@ CVE-2025-6366 (The Event List plugin for WordPress is vulnerable to privilege es
 CVE-2025-6247 (The WordPress Automatic Plugin plugin for WordPress is vulnerable to C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-57818 (Firecrawl turns entire websites into LLM-ready markdown or structured  ...)
-	TODO: check
+	NOT-FOR-US: Firecrawl
 CVE-2025-57813 (traQ is a messenger application built for Digital Creators Club traP.  ...)
-	TODO: check
+	NOT-FOR-US: traQ
 CVE-2025-57810 (jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, use ...)
 	- jspdf <itp> (bug #998381)
 CVE-2025-57803 (ImageMagick is free and open-source software used for editing and mani ...)
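Review bot: The new NOT-FOR-US lines for CVE-2025-57818 (Firecrawl) and CVE-2025-57813 (traQ) should be backed by a check that no ITP or RFP bug exists for either project. The unchanged CVE-2025-57810 entry directly below uses `- jspdf <itp> (bug #998381)` for software that is not packaged yet but has a pending ITP, and that form would be the right one here if such a bug exists.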
@@ -41,7 +41,7 @@ CVE-2025-57425 (A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodes
 CVE-2025-56432 (A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. ...)
 	NOT-FOR-US: Nagios XI
 CVE-2025-55526 (n8n-workflows Main Commit ee25413 allows attackers to execute a direct ...)
-	TODO: check
+	NOT-FOR-US: n8n-workflows
 CVE-2025-55443 (Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrato ...)
 	NOT-FOR-US: Telpo MDM
 CVE-2025-53813 (The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse ...)
@@ -57,7 +57,7 @@ CVE-2025-52218 (SelectZero Data Observability Platform before 2025.5.2 is vulner
 CVE-2025-52217 (SelectZero Data Observability Platform before 2025.5.2 is vulnerable t ...)
 	NOT-FOR-US: SelectZero
 CVE-2025-52184 (Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: Helpy
 CVE-2025-52037 (A vulnerability has been found in NotesCMS and classified as medium. A ...)
 	NOT-FOR-US: NotesCMS
 CVE-2025-52036 (A vulnerability has been found in NotesCMS and classified as medium. A ...)
@@ -111,7 +111,7 @@ CVE-2025-23307 (NVIDIA NeMo Curator for all platforms contains a vulnerability w
 CVE-2025-1994 (IBM Cognos Command Center 10.2.4.1 and 10.2.5     could allow a local  ...)
 	NOT-FOR-US: IBM
 CVE-2025-1501 (An access control vulnerability was discovered in the Request Trace an ...)
-	TODO: check
+	NOT-FOR-US: CMC
 CVE-2025-1494 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote att ...)
 	NOT-FOR-US: IBM
 CVE-2024-47853 (An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may u ...)
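Review bot: The tag `NOT-FOR-US: CMC` on CVE-2025-1501 is a bare abbreviation, and the truncated description visible here ("An access control vulnerability was discovered in the Request Trace an ...") does not name the product. The neighbouring entries tag by vendor (`NOT-FOR-US: IBM`); suggest a vendor-qualified or expanded product name so the entry can be found later by searching the list.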
@@ -194,7 +194,7 @@ CVE-2025-6188 (On affected platforms running Arista EOS, maliciously formed UDP
 CVE-2025-5931 (The Dokan Pro plugin for WordPress is vulnerable to privilege escalati ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-57814 (request-filtering-agent is an http(s).Agent implementation that blocks ...)
-	TODO: check
+	NOT-FOR-US: request-filtering-agent
 CVE-2025-57809 (XGrammar is an open-source library for efficient, flexible, and portab ...)
 	NOT-FOR-US: XGrammar
 CVE-2025-57805 (The Scratch Channel is a news website. In versions 1 and 1.1, a POST r ...)
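Review bot: CVE-2025-57814 is marked NOT-FOR-US, but its description identifies request-filtering-agent as a library (an http(s).Agent implementation), so the lack of a source package by that name does not rule out a bundled copy inside another package. Worth confirming that no embedded copy exists before closing this as NFU.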



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c0e3b21acc6702f4868f4aad1351d8d663b43b5
