[Git][security-tracker-team/security-tracker][master] Process some new NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b83c53f8 by Salvatore Bonaccorso at 2026-04-29T09:19:40+02:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2026-7319 (A flaw has been found in elinsky execution-system-mcp 0.1.0. The impac ...)
-	TODO: check
+	NOT-FOR-US: elinsky execution-system-mcp
 CVE-2026-7318 (A vulnerability was detected in elie mcp-project 0.1.0. The affected e ...)
-	TODO: check
+	NOT-FOR-US: elie mcp-project
 CVE-2026-7317 (A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Aff ...)
-	TODO: check
+	NOT-FOR-US: Grav CMS
 CVE-2026-7316 (A vulnerability has been found in eiliyaabedini aider-mcp up to 667b91 ...)
-	TODO: check
+	NOT-FOR-US: eiliyaabedini aider-mcp
 CVE-2026-7315 (A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This imp ...)
-	TODO: check
+	NOT-FOR-US: eiceblue spire-pdf-mcp-server
 CVE-2026-7314 (A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. T ...)
-	TODO: check
+	NOT-FOR-US: eiceblue spire-pdf-mcp-server
 CVE-2026-7306 (A security vulnerability has been detected in Xuxueli xxl-job up to 3. ...)
-	TODO: check
+	NOT-FOR-US: Xuxueli xxl-job
 CVE-2026-7305 (A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The aff ...)
-	TODO: check
+	NOT-FOR-US: Xuxueli xxl-job
 CVE-2026-7303 (A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Im ...)
-	TODO: check
+	NOT-FOR-US: Xuxueli xxl-job
 CVE-2026-7297 (A vulnerability was determined in SourceCodester Pizzafy Ecommerce Sys ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7296 (A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1 ...)
@@ -27,13 +27,13 @@ CVE-2026-7294 (A flaw has been found in SourceCodester Pizzafy Ecommerce System
 CVE-2026-7293 (A vulnerability was detected in SourceCodester Pizzafy Ecommerce Syste ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7292 (A security vulnerability has been detected in o2oa up to 10.0. This im ...)
-	TODO: check
+	NOT-FOR-US: O2OA
 CVE-2026-6807 (A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to   ...)
-	TODO: check
+	NOT-FOR-US: GRASSMARLIN
 CVE-2026-5822
 	REJECTED
 CVE-2026-42615 (GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as de ...)
-	TODO: check
+	NOT-FOR-US: GCHQ CyberChef
 CVE-2026-42432 (OpenClaw before 2026.4.8 contains a privilege escalation vulnerability ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-42431 (OpenClaw before 2026.4.8 contains a security bypass vulnerability in n ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b83c53f84bd0a63808fa4db728fb53f2752a9cc8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b83c53f84bd0a63808fa4db728fb53f2752a9cc8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260429/c25867e4/attachment.htm>