[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 14 20:03:00 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
491cd8d9 by Salvatore Bonaccorso at 2026-02-14T21:02:33+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -542,7 +542,7 @@ CVE-2026-23113 [io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop]
 	[trixie] - linux 6.12.69-1
 	NOTE: https://git.kernel.org/linus/10dc959398175736e495f71c771f8641e1ca1907 (6.19-rc7)
 CVE-2026-2469 (Versions of the package directorytree/imapengine before 1.22.3 are vul ...)
-	TODO: check
+	NOT-FOR-US: directorytree/imapengine
 CVE-2026-2144 (The Magic Login Mail or QR Code plugin for WordPress is vulnerable to  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-2027 (The AMP Enhancer \u2013 Compatibility Layer for Official AMP Plugin fo ...)
@@ -799,7 +799,7 @@ CVE-2025-35961
 CVE-2025-35960
 	REJECTED
 CVE-2025-33042 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-32734
 	REJECTED
 CVE-2025-32733
@@ -2458,7 +2458,7 @@ CVE-2025-27560 (Loop with unreachable exit condition ('infinite loop') for some
 CVE-2025-27535 (Exposed ioctl with insufficient access control in the firmware for som ...)
 	NOT-FOR-US: Intel
 CVE-2025-27243 (Out-of-bounds write in the firmware for some Intel(R) Ethernet Control ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-25210 (Improper input validation for some Server Firmware Update Utility(SysF ...)
 	NOT-FOR-US: Intel
 CVE-2025-25058 (Improper initialization for some ESXi kernel mode driver for the Intel ...)
@@ -14896,7 +14896,7 @@ CVE-2026-0675
 CVE-2026-0674 (Missing Authorization vulnerability in Campaign Monitor Campaign Monit ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-0671 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki - UploadWizard extension
 CVE-2025-8307 (Asseco InfoMedica is a comprehensive solution used to manage both admi ...)
 	NOT-FOR-US: Asseco InfoMedica
 CVE-2025-8306 (Asseco InfoMedica is a comprehensive solution used to manage both admi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/491cd8d9a46aa972afe58a6c9a1b90e77dee1016

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/491cd8d9a46aa972afe58a6c9a1b90e77dee1016
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260214/7d20170e/attachment.htm>

More information about the debian-security-tracker-commits mailing list