[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 16 20:20:17 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6ab94fc5 by Salvatore Bonaccorso at 2026-02-16T21:19:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2026-2577 (The WhatsApp bridge component in Nanobot binds the WebSocket server to ...)
-	TODO: check
+	NOT-FOR-US: Nanobot
 CVE-2026-2567 (A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vuln ...)
 	NOT-FOR-US: Wavlink
 CVE-2026-2566 (A security vulnerability has been detected in Wavlink WL-NU516U1 up to ...)
@@ -9,37 +9,37 @@ CVE-2026-2565 (A weakness has been identified in Wavlink WL-NU516U1 20251208. Af
 CVE-2026-2564 (A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.0 ...)
 	NOT-FOR-US: Intelbras
 CVE-2026-2563 (A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4 ...)
-	TODO: check
+	NOT-FOR-US: JingDong JD Cloud Box AX6600
 CVE-2026-2562 (A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4 ...)
-	TODO: check
+	NOT-FOR-US: JingDong JD Cloud Box AX6600
 CVE-2026-2561 (A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1. ...)
-	TODO: check
+	NOT-FOR-US: JingDong JD Cloud Box AX6600
 CVE-2026-2560 (A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The  ...)
-	TODO: check
+	NOT-FOR-US: kalcaddle kodbox
 CVE-2026-2558 (A flaw has been found in GeekAI up to 4.2.4. The affected element is t ...)
-	TODO: check
+	NOT-FOR-US: GeekAI
 CVE-2026-2557 (A vulnerability was detected in cskefu up to 8.0.1. Impacted is the fu ...)
-	TODO: check
+	NOT-FOR-US: cskefu
 CVE-2026-2556 (A security vulnerability has been detected in cskefu up to 8.0.1. This ...)
-	TODO: check
+	NOT-FOR-US: cskefu
 CVE-2026-2555 (A weakness has been identified in JeecgBoot 3.9.1. This vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: JeecgBoot
 CVE-2026-2553 (A security flaw has been discovered in tushar-2223 Hotel-Management-Sy ...)
-	TODO: check
+	NOT-FOR-US: tushar-2223 Hotel-Management-System
 CVE-2026-2552 (A vulnerability was identified in ZenTao up to 21.7.8. Affected by thi ...)
-	TODO: check
+	NOT-FOR-US: ZenTao
 CVE-2026-2551 (A vulnerability was determined in ZenTao up to 21.7.8. Affected by thi ...)
-	TODO: check
+	NOT-FOR-US: ZenTao
 CVE-2026-2550 (A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is t ...)
-	TODO: check
+	NOT-FOR-US: EFM iptime A6004MX
 CVE-2026-2549 (A vulnerability has been found in zhanghuanhao LibrarySystem \u56fe\u4 ...)
-	TODO: check
+	NOT-FOR-US: zhanghuanhao LibrarySystem
 CVE-2026-2548 (A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the fun ...)
-	TODO: check
+	NOT-FOR-US: WAYOS FBM-220G
 CVE-2026-2547 (A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted ...)
-	TODO: check
+	NOT-FOR-US: LigeroSmart
 CVE-2026-2546 (A security vulnerability has been detected in LigeroSmart up to 6.1.26 ...)
-	TODO: check
+	NOT-FOR-US: LigeroSmart
 CVE-2026-2452 (Emails sent by pretix can utilize placeholders that will be filled wit ...)
 	NOT-FOR-US: rami.io products
 CVE-2026-2451 (Emails sent by pretix can utilize placeholders that will be filled wit ...)
@@ -55,7 +55,7 @@ CVE-2026-2032 (Malicious scripts that interrupt new tab page loading could cause
 CVE-2026-2001 (The WowRevenue plugin for WordPress is vulnerable to unauthorized plug ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-26930 (SmarterTools SmarterMail before 9526 allows XSS via MAPI requests.)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2026-1783
 	REJECTED
 CVE-2026-1335 (An Out-Of-Bounds Write vulnerability affecting the EPRT file reading p ...)
@@ -65,7 +65,7 @@ CVE-2026-1334 (An Out-Of-Bounds Read vulnerability affecting the EPRT file readi
 CVE-2026-1333 (A Use of Uninitialized Variable vulnerability affecting the EPRT file  ...)
 	NOT-FOR-US: Dassault Systemes
 CVE-2026-1046 (Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate  ...)
-	TODO: check
+	NOT-FOR-US: Mattermost Desktop App
 CVE-2026-0999 (Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11 ...)
 	TODO: check
 CVE-2026-0998 (Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ab94fc5816d26292d395812c5bead2281c7111d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ab94fc5816d26292d395812c5bead2281c7111d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260216/ddd7779d/attachment.htm>

More information about the debian-security-tracker-commits mailing list