[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 28 09:00:51 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b180bce by Salvatore Bonaccorso at 2026-04-28T10:00:41+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2026-7234 (A weakness has been identified in BrowserOperator browser-operator-cor ...)
-	TODO: check
+	NOT-FOR-US: BrowserOperator browser-operator-core
 CVE-2026-7233 (A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impa ...)
 	TODO: check
 CVE-2026-7230 (A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The  ...)
@@ -17,35 +17,35 @@ CVE-2026-7225 (A weakness has been identified in SourceCodester Pizzafy Ecommerc
 CVE-2026-7224 (A security flaw has been discovered in SourceCodester Pizzafy Ecommerc ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7223 (A vulnerability was identified in BigSweetPotatoStudio HyperChat up to ...)
-	TODO: check
+	NOT-FOR-US: BigSweetPotatoStudio HyperChat
 CVE-2026-7222 (A vulnerability was determined in code-projects Coaching Management Sy ...)
 	NOT-FOR-US: code-projects
 CVE-2026-7221 (A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17 ...)
-	TODO: check
+	NOT-FOR-US: TencentCloudBase CloudBase-MCP
 CVE-2026-7220 (A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b ...)
-	TODO: check
+	NOT-FOR-US: jackwrichards FastlyMCP
 CVE-2026-7219 (A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7218 (A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The i ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7217 (A security vulnerability has been detected in Deepractice PromptX up t ...)
-	TODO: check
+	NOT-FOR-US: Deepractice PromptX
 CVE-2026-7216 (A weakness has been identified in donchelo processing-claude-mcp-bridg ...)
-	TODO: check
+	NOT-FOR-US: donchelo processing-claude-mcp-bridge
 CVE-2026-7215 (A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0.  ...)
-	TODO: check
+	NOT-FOR-US: egtai gmx-vmd-mcp
 CVE-2026-7214 (A vulnerability was identified in eghuzefa engineer-your-data up to 0. ...)
-	TODO: check
+	NOT-FOR-US: eghuzefa engineer-your-data
 CVE-2026-7213 (A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts  ...)
-	TODO: check
+	NOT-FOR-US: ef10007 MLOps_MCP
 CVE-2026-7212 (A security vulnerability has been detected in edvardlindelof notes-mcp ...)
-	TODO: check
+	NOT-FOR-US: edvardlindelof notes-mcp
 CVE-2026-7211 (A weakness has been identified in dvladimirov MCP up to 0.1.0. The imp ...)
-	TODO: check
+	NOT-FOR-US: dvladimirov MCP
 CVE-2026-7206 (A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0.  ...)
-	TODO: check
+	NOT-FOR-US: dubydu sqlite-mcp
 CVE-2026-7205 (A vulnerability was identified in duartium papers-mcp-server 9ceb3812a ...)
-	TODO: check
+	NOT-FOR-US: duartium papers-mcp-server
 CVE-2026-7204 (A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7203 (A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Thi ...)
@@ -57,27 +57,27 @@ CVE-2026-7200 (A flaw has been found in SourceCodester Pharmacy Sales and Invent
 CVE-2026-7199 (A vulnerability was detected in SourceCodester Pharmacy Sales and Inve ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7196 (A security vulnerability has been detected in CodeAstro Online Classro ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7194 (A weakness has been identified in SourceCodester Pharmacy Sales and In ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7191 (Improper use of the static-eval npm package in the open source solutio ...)
 	NOT-FOR-US: Amazon
 CVE-2026-7183 (A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The a ...)
-	TODO: check
+	NOT-FOR-US: aligungr UERANSIM
 CVE-2026-7179 (A security vulnerability has been detected in OSPG binwalk up to 2.4.3 ...)
 	TODO: check
 CVE-2026-7178 (A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1 ...)
-	TODO: check
+	NOT-FOR-US: ChatGPTNextWeb NextChat
 CVE-2026-7177 (A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2 ...)
-	TODO: check
+	NOT-FOR-US: ChatGPTNextWeb NextChat
 CVE-2026-7160 (A vulnerability was determined in Tenda HG3 2.0. This vulnerability af ...)
 	NOT-FOR-US: Tenda
 CVE-2026-7159 (A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. Thi ...)
-	TODO: check
+	NOT-FOR-US: douinc mkdocs-mcp-plugin
 CVE-2026-7158 (A vulnerability has been found in dmitryglhf mcp-url-downloader up to  ...)
-	TODO: check
+	NOT-FOR-US: dmitryglhf mcp-url-downloader
 CVE-2026-7157 (A flaw has been found in disler aider-mcp-server up to b2516fa466d0d85 ...)
-	TODO: check
+	NOT-FOR-US: disler aider-mcp-server
 CVE-2026-7156 (A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521.  ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7155 (A security vulnerability has been detected in Totolink A8000RU 7.1cu.6 ...)
@@ -91,9 +91,9 @@ CVE-2026-7152 (A vulnerability was identified in Totolink A8000RU 7.1cu.643_b202
 CVE-2026-7151 (A vulnerability was determined in Tenda HG3 2.0. Impacted is the funct ...)
 	NOT-FOR-US: Tenda
 CVE-2026-7150 (A vulnerability was found in dh1011 auto-favicon up to f189116a9259950 ...)
-	TODO: check
+	NOT-FOR-US: dh1011 auto-favicon
 CVE-2026-7149 (A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffc ...)
-	TODO: check
+	NOT-FOR-US: dexhunter kaggle-mcp
 CVE-2026-6809 (The Social Post Embed plugin for WordPress is vulnerable to Stored Cro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6741 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b180bce96f745b29bdd1e160e6a59cfe1cce97f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b180bce96f745b29bdd1e160e6a59cfe1cce97f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260428/74c055e2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list