[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Apr 30 09:23:19 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
907a6962 by Moritz Muehlenhoff at 2026-04-30T10:22:56+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,31 +1,33 @@
+CVE-2026-42208
+	NOT-FOR-US: LiteLLM
 CVE-2026-7470 (A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. ...)
 	NOT-FOR-US: Tenda
 CVE-2026-7469 (A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN ...)
 	NOT-FOR-US: Tenda
 CVE-2026-7468 (A security vulnerability has been detected in 1024-lab smart-admin up  ...)
-	TODO: check
+	NOT-FOR-US: 1024-lab smart-admin Demo Site
 CVE-2026-7447 (A flaw has been found in SourceCodester Pet Grooming Management Softwa ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7446 (A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. Th ...)
-	TODO: check
+	NOT-FOR-US: mcp-server-semgrep
 CVE-2026-7445 (A security vulnerability has been detected in ZachHandley ZMCPTools up ...)
-	TODO: check
+	NOT-FOR-US: ZMCPTools
 CVE-2026-7443 (A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0. ...)
-	TODO: check
+	NOT-FOR-US: mcp-dnstwist
 CVE-2026-7426 (Insufficient validation of the prefix length field in IPv6 Router Adve ...)
 	NOT-FOR-US: Amazon
 CVE-2026-7425 (Insufficient option length validation in the IPv6 Router Advertisement ...)
 	NOT-FOR-US: Amazon
 CVE-2026-7420 (A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-21 ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-7419 (A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907- ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-7418 (A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907- ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-7417 (A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the ...)
-	TODO: check
+	NOT-FOR-US: xhs-mcp
 CVE-2026-7416 (A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This i ...)
-	TODO: check
+	NOT-FOR-US: xcode-mcp-server
 CVE-2026-7410 (A vulnerability has been found in SourceCodester Pizzafy Ecommerce Sys ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7409 (A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0.  ...)
@@ -35,13 +37,13 @@ CVE-2026-7408 (A vulnerability was detected in SourceCodester Pizzafy Ecommerce
 CVE-2026-7407 (A security vulnerability has been detected in SourceCodester Pizzafy E ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7404 (A weakness has been identified in getsimpletool mcpo-simple-server up  ...)
-	TODO: check
+	NOT-FOR-US: mcpo-simple-server
 CVE-2026-7403 (A security flaw has been discovered in geldata gel-mcp 0.1.0. This imp ...)
-	TODO: check
+	NOT-FOR-US: gel-mcp
 CVE-2026-7401 (A vulnerability was detected in SourceCodester CET Automated Grading S ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7400 (A security vulnerability has been detected in geekgod382 filesystem-mc ...)
-	TODO: check
+	NOT-FOR-US: filesystem-mcp-server
 CVE-2026-7379 (Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial ...)
 	TODO: check
 CVE-2026-7378 (Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of se ...)
@@ -123,7 +125,7 @@ CVE-2026-5299 (ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 a
 CVE-2026-41226 (Open redirect vulnerability exists in Multiple laser printers and MFPs ...)
 	TODO: check
 CVE-2026-34965 (Cockpit CMS contains an authenticated remote code execution vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Cockpit CMS
 CVE-2026-1858 (wget2 accepts a server certificate with incorrect Key Usage (KU) or Ex ...)
 	TODO: check
 CVE-2025-50328 (A vulnerability in B1 Free Archiver v1.5.86 allows files extracted fro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/907a6962b658359c3b9cb0aa09c60b38f9a5d561

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/907a6962b658359c3b9cb0aa09c60b38f9a5d561
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260430/9f59d6d6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list