[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 1 17:04:42 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27fe1bf7 by Salvatore Bonaccorso at 2026-04-01T18:04:18+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -241,7 +241,7 @@ CVE-2026-34605 (SiYuan is a personal knowledge management system. From version 3
 CVE-2026-34595 (Parse Server is an open source backend that can be deployed to any inf ...)
 	NOT-FOR-US: Parse Server
 CVE-2026-34586 (PdfDing is a selfhosted PDF manager, viewer and editor offering a seam ...)
-	TODO: check
+	NOT-FOR-US: PdfDing
 CVE-2026-34585 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
 	NOT-FOR-US: SiYuan
 CVE-2026-34574 (Parse Server is an open source backend that can be deployed to any inf ...)
@@ -305,11 +305,11 @@ CVE-2026-34503 (OpenClaw before 2026.3.28 fails to disconnect active WebSocket s
 CVE-2026-34453 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
 	NOT-FOR-US: SiYuan
 CVE-2026-34452 (The Claude SDK for Python provides access to the Claude API from Pytho ...)
-	TODO: check
+	NOT-FOR-US: Claude SDK for Python
 CVE-2026-34451 (Claude SDK for TypeScript provides access to the Claude API from serve ...)
-	TODO: check
+	NOT-FOR-US: Claude SDK for TypeScript
 CVE-2026-34450 (The Claude SDK for Python provides access to the Claude API from Pytho ...)
-	TODO: check
+	NOT-FOR-US: Claude SDK for Python
 CVE-2026-34449 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
 	NOT-FOR-US: SiYuan
 CVE-2026-34448 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
@@ -323,13 +323,13 @@ CVE-2026-34441 (cpp-httplib is a C++11 single-file header-only cross platform HT
 CVE-2026-34406 (APTRS (Automated Penetration Testing Reporting System) is a Python and ...)
 	NOT-FOR-US: APTRS (Automated Penetration Testing Reporting System)
 CVE-2026-34405 (Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to ...)
-	TODO: check
+	NOT-FOR-US: Nuxt OG Image
 CVE-2026-34404 (Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to ...)
-	TODO: check
+	NOT-FOR-US: Nuxt OG Image
 CVE-2026-34401 (XML Notepad is a Windows program that provides a simple intuitive User ...)
 	NOT-FOR-US: XML Notepad
 CVE-2026-34400 (Alerta is a monitoring tool. Prior to version 9.1.0, the Query string  ...)
-	TODO: check
+	NOT-FOR-US: Alerta
 CVE-2026-34396 (WWBN AVideo is an open source video platform. In versions 26.0 and pri ...)
 	NOT-FOR-US: WWBN AVideo
 CVE-2026-34395 (WWBN AVideo is an open source video platform. In versions 26.0 and pri ...)
@@ -345,11 +345,11 @@ CVE-2026-34382 (Admidio is an open-source user management solution. From version
 CVE-2026-34381 (Admidio is an open-source user management solution. From version 5.0.0 ...)
 	NOT-FOR-US: Admidio
 CVE-2026-34377 (ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad versio ...)
-	TODO: check
+	NOT-FOR-US: ZEBRA
 CVE-2026-34373 (Parse Server is an open source backend that can be deployed to any inf ...)
 	NOT-FOR-US: Parse Server
 CVE-2026-34372 (Sulu is an open-source PHP content management system based on the Symf ...)
-	TODO: check
+	NOT-FOR-US: Sulu
 CVE-2026-34367 (InvoiceShelf is an open-source web & mobile app that helps track expen ...)
 	NOT-FOR-US: InvoiceShelf
 CVE-2026-34366 (InvoiceShelf is an open-source web & mobile app that helps track expen ...)
@@ -359,13 +359,13 @@ CVE-2026-34365 (InvoiceShelf is an open-source web & mobile app that helps track
 CVE-2026-34363 (Parse Server is an open source backend that can be deployed to any inf ...)
 	NOT-FOR-US: Parse Server
 CVE-2026-34361 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)
-	TODO: check
+	NOT-FOR-US: HAPI FHIR
 CVE-2026-34360 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)
-	TODO: check
+	NOT-FOR-US: HAPI FHIR
 CVE-2026-34359 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)
-	TODO: check
+	NOT-FOR-US: HAPI FHIR
 CVE-2026-34243 (wenxian is a tool to generate BIBTEX files from given identifiers (DOI ...)
-	TODO: check
+	NOT-FOR-US: wenxian
 CVE-2026-34240 (JOSE is a Javascript Object Signing and Encryption (JOSE) library. Pri ...)
 	TODO: check
 CVE-2026-34237 (MCP Java SDK is the official Java SDK for Model Context Protocol serve ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27fe1bf75f619ff30d149086515f4a95d523c645

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27fe1bf75f619ff30d149086515f4a95d523c645
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260401/b7c24e38/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list