[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ccb81c9b by Salvatore Bonaccorso at 2026-02-09T21:26:19+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2026-2223 (A security vulnerability has been detected in code-projects Onlin
 CVE-2026-25905 (The Python code being run by 'runPython' or 'runPythonAsync' is not is ...)
 	TODO: check
 CVE-2026-25904 (The Pydantic-AI MCP Run Python tool configures the Deno sandbox with a ...)
-	TODO: check
+	NOT-FOR-US: Pydantic-AI MCP Run Python tool
 CVE-2026-25848 (In JetBrains Hub before 2025.3.119807 authentication bypass allowing a ...)
 	NOT-FOR-US: JetBrains
 CVE-2026-25847 (In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer ...)
@@ -29,39 +29,39 @@ CVE-2026-25847 (In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter
 CVE-2026-25846 (In JetBrains YouTrack before 2025.3.119033 access tokens could be expo ...)
 	NOT-FOR-US: JetBrains
 CVE-2026-25598 (Harden-Runner is a CI/CD security agent that works like an EDR for Git ...)
-	TODO: check
+	NOT-FOR-US: Harden-Runner
 CVE-2026-25498 (Craft is a platform for creating digital experiences. In versions 4.0. ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25497 (Craft is a platform for creating digital experiences. In Craft version ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25496 (Craft is a platform for creating digital experiences. In Craft version ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25495 (Craft is a platform for creating digital experiences. In Craft version ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25494 (Craft is a platform for creating digital experiences.  In Craft versio ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25493 (Craft is a platform for creating digital experiences. In Craft version ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25492 (Craft CMS is a content management system. In Craft versions 3.5.0 thro ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25491 (Craft is a platform for creating digital experiences. From 5.0.0-RC1 t ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-25480 (Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. ...)
-	TODO: check
+	NOT-FOR-US: Litestar
 CVE-2026-25479 (Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. ...)
-	TODO: check
+	NOT-FOR-US: Litestar
 CVE-2026-25478 (Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. ...)
-	TODO: check
+	NOT-FOR-US: Litestar
 CVE-2026-25231 (FileRise is a self-hosted web file manager / WebDAV server. Versions p ...)
-	TODO: check
+	NOT-FOR-US: FileRise
 CVE-2026-25230 (FileRise is a self-hosted web file manager / WebDAV server. Prior to 3 ...)
-	TODO: check
+	NOT-FOR-US: FileRise
 CVE-2026-25057 (MarkUs is a web application for the submission and grading of student  ...)
-	TODO: check
+	NOT-FOR-US: MarkUs
 CVE-2026-24900 (MarkUs is a web application for the submission and grading of student  ...)
-	TODO: check
+	NOT-FOR-US: MarkUs
 CVE-2026-24777 (OpenProject is an open-source, web-based project management software.  ...)
-	TODO: check
+	NOT-FOR-US: OpenProject
 CVE-2026-24095 (Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0 ...)
 	TODO: check
 CVE-2026-21419 (Dell Display and Peripheral Manager (Windows) versions prior to 2.2 co ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb81c9b9b7d6ddbc4430696ed882fefb53d17c4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb81c9b9b7d6ddbc4430696ed882fefb53d17c4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260209/d5628ed1/attachment-0001.htm>