[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 7 09:02:29 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0baa7745 by Salvatore Bonaccorso at 2026-02-07T10:02:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
 CVE-2026-2077 (A security vulnerability has been detected in yeqifu warehouse up to a ...)
-	TODO: check
+	NOT-FOR-US: yeqifu warehouse
 CVE-2026-2076 (A weakness has been identified in yeqifu warehouse up to aaf29962ba407 ...)
-	TODO: check
+	NOT-FOR-US: yeqifu warehouse
 CVE-2026-2075 (A security flaw has been discovered in yeqifu warehouse up to aaf29962 ...)
-	TODO: check
+	NOT-FOR-US: yeqifu warehouse
 CVE-2026-2074 (A vulnerability was identified in O2OA up to 9.0.0. This impacts an un ...)
-	TODO: check
+	NOT-FOR-US: O2OA
 CVE-2026-2073 (A vulnerability was determined in itsourcecode School Management Syste ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-2071 (A vulnerability was found in UTT \u8fdb\u53d6 520W 1.7.7-180627. The i ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-2070 (A vulnerability has been found in UTT \u8fdb\u53d6 520W 1.7.7-180627.  ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-2069 (A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is ...)
 	TODO: check
 CVE-2026-2068 (A vulnerability was detected in UTT \u8fdb\u53d6 520W 1.7.7-180627. Th ...)
 	TODO: check
 CVE-2026-2067 (A security vulnerability has been detected in UTT \u8fdb\u53d6 520W 1. ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-2066 (A weakness has been identified in UTT \u8fdb\u53d6 520W 1.7.7-180627.  ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-25845
 	REJECTED
 CVE-2026-25844
@@ -65,45 +65,45 @@ CVE-2026-25749 (Vim is an open source, command line text editor. Prior to versio
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43
 	NOTE: Fixed by: https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9 (v9.1.2132)
 CVE-2026-25732 (NiceGUI is a Python-based UI framework. Prior to 3.7.0, NiceGUI's File ...)
-	TODO: check
+	NOT-FOR-US: NiceGUI
 CVE-2026-25731 (calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template I ...)
 	TODO: check
 CVE-2026-25729 (DeepAudit is a multi-agent system for code vulnerability discovery. In ...)
-	TODO: check
+	NOT-FOR-US: DeepAudit
 CVE-2026-25644 (DataHub is an open-source metadata platform. Prior to version 1.3.1.8, ...)
-	TODO: check
+	NOT-FOR-US: DataHub
 CVE-2026-25636 (calibre is an e-book manager. In 9.1.0 and earlier, a path traversal v ...)
 	TODO: check
 CVE-2026-25635 (calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader con ...)
 	TODO: check
 CVE-2026-25634 (iccDEV provides a set of libraries and tools that allow for the intera ...)
-	TODO: check
+	NOT-FOR-US: iccDEV
 CVE-2026-25632 (EPyT-Flow is a Python package designed for the easy generation of hydr ...)
-	TODO: check
+	NOT-FOR-US: EPyT-Flow
 CVE-2026-25631 (n8n is an open source workflow automation platform. Prior to 1.121.0,  ...)
-	TODO: check
+	NOT-FOR-US: n8n
 CVE-2026-25628 (Qdrant is a vector similarity search engine and vector database. From  ...)
-	TODO: check
+	NOT-FOR-US: Qdrant
 CVE-2026-25597 (PrestaShop is an open source e-commerce web application. Prior to 8.2. ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2026-25593 (OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenti ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-25592 (Semantic Kernel is an SDK used to build, orchestrate, and deploy AI ag ...)
-	TODO: check
+	NOT-FOR-US: Semantic Kernel
 CVE-2026-25581 (SCEditor is a lightweight WYSIWYG BBCode and XHTML editor. Prior to 3. ...)
-	TODO: check
+	NOT-FOR-US: SCEditor
 CVE-2026-25580 (Pydantic AI is a Python agent framework for building applications and  ...)
-	TODO: check
+	NOT-FOR-US: Pydantic AI
 CVE-2026-25574 (Payload is a free and open source headless content management system.  ...)
-	TODO: check
+	NOT-FOR-US: Payload CMS
 CVE-2026-25544 (Payload is a free and open source headless content management system.  ...)
-	TODO: check
+	NOT-FOR-US: Payload CMS
 CVE-2026-25533 (Enclave is a secure JavaScript sandbox designed for safe AI agent code ...)
-	TODO: check
+	NOT-FOR-US: Enclave
 CVE-2026-25516 (NiceGUI is a Python-based UI framework. The ui.markdown() component us ...)
-	TODO: check
+	NOT-FOR-US: NiceGUI
 CVE-2026-25123 (Homarr is an open-source dashboard. Prior to 1.52.0, a public (unauthe ...)
-	TODO: check
+	NOT-FOR-US: Homarr
 CVE-2026-1731 (BeyondTrust Remote Support (RS) and certain older versions of Privileg ...)
 	NOT-FOR-US: BeyondTrust
 CVE-2026-1727 (The Agentspace service was affected by a vulnerability that exposed se ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0baa77458c75acdbb9172623da7d74bc21a32bde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0baa77458c75acdbb9172623da7d74bc21a32bde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260207/69825071/attachment.htm>

More information about the debian-security-tracker-commits mailing list