[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 29 21:14:38 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e28ef861 by Salvatore Bonaccorso at 2026-04-29T22:14:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-7466 (AgentFlow contains an arbitrary code execution vulnerability that allo ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-7439 (AgentFlow's local web API accepts non-JSON content types on POST /api/ ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-7424 (Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP ...)
NOT-FOR-US: Amazon
CVE-2026-7423 (Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRT ...)
@@ -9,11 +9,11 @@ CVE-2026-7423 (Integer underflow in the ICMP and ICMPv6 echo reply handlers in F
CVE-2026-7422 (Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and ...)
NOT-FOR-US: Amazon
CVE-2026-7398 (A weakness has been identified in florensiawidjaja BioinfoMCP up to 7a ...)
- TODO: check
+ NOT-FOR-US: florensiawidjaja BioinfoMCP
CVE-2026-7397 (A security flaw has been discovered in NousResearch hermes-agent 0.8.0 ...)
- TODO: check
+ NOT-FOR-US: NousResearch hermes-agent
CVE-2026-7396 (A vulnerability was identified in NousResearch hermes-agent 0.8.0. Aff ...)
- TODO: check
+ NOT-FOR-US: NousResearch hermes-agent
CVE-2026-7394 (A vulnerability was determined in SourceCodester Pizzafy Ecommerce Sys ...)
NOT-FOR-US: SourceCodester
CVE-2026-7393 (A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1 ...)
@@ -25,13 +25,13 @@ CVE-2026-7391 (A flaw has been found in SourceCodester Pharmacy Sales and Invent
CVE-2026-7390 (A vulnerability was detected in SourceCodester Pharmacy Sales and Inve ...)
NOT-FOR-US: SourceCodester
CVE-2026-7389 (A security vulnerability has been detected in EyouCMS up to 1.7.9. The ...)
- TODO: check
+ NOT-FOR-US: EyouCMS
CVE-2026-7388 (A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the ...)
- TODO: check
+ NOT-FOR-US: EyouCMS
CVE-2026-7386 (A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affect ...)
- TODO: check
+ NOT-FOR-US: fatbobman mail-mcp-bridge
CVE-2026-7384 (A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9c ...)
- TODO: check
+ NOT-FOR-US: ezequiroga mcp-bases
CVE-2026-6915 (An authorization flaw in the user management command could allow an au ...)
TODO: check
CVE-2026-6914 (Computing the MD5 checksum of a malformed BSON object under specific c ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e28ef861bd3d7b02f0c27ee3c30affa17278eb88
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e28ef861bd3d7b02f0c27ee3c30affa17278eb88
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260429/0d941a7b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list