[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 20 08:43:29 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dae6e60b by Salvatore Bonaccorso at 2026-02-20T09:43:00+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,27 +61,27 @@ CVE-2026-27318
 CVE-2026-27317
 	REJECTED
 CVE-2026-27114 (NanaZip is an open source file archive Starting in version 5.0.1252.0  ...)
-	TODO: check
+	NOT-FOR-US: NanaZip
 CVE-2026-27017 (uTLS is a fork of crypto/tls, created to customize ClientHello for fin ...)
 	TODO: check
 CVE-2026-27016 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-27014 (NanaZip is an open source file archive Starting in version 5.0.1252.0  ...)
-	TODO: check
+	NOT-FOR-US: NanaZip
 CVE-2026-27009 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a ato ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27008 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a bug ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27007 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, `norm ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27004 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, in so ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27003 (OpenClaw is a personal AI assistant. Telegram bot tokens can appear in ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27002 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a con ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-27001 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, OpenC ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-26996 (minimatch is a minimal matching utility for converting glob expression ...)
 	TODO: check
 CVE-2026-26995
@@ -91,27 +91,27 @@ CVE-2026-26994 (uTLS is a fork of crypto/tls, created to customize ClientHello f
 CVE-2026-26993 (Flare is a Next.js-based, self-hostable file sharing platform that int ...)
 	NOT-FOR-US: Next.js
 CVE-2026-26992 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26991 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26990 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26989 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26988 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26987 (LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitorin ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2026-26980 (Ghost is a Node.js content management system. Versions 3.24.0 through  ...)
 	TODO: check
 CVE-2026-26977 (Frappe Learning Management System (LMS) is a learning system that help ...)
-	TODO: check
+	NOT-FOR-US: Frappe Learning Management System (LMS)
 CVE-2026-26975 (Music Assistant is an open-source media library manager that integrate ...)
 	TODO: check
 CVE-2026-26974 (Slyde is a program that creates animated presentations from XML. In ve ...)
 	TODO: check
 CVE-2026-26972 (OpenClaw is a personal AI assistant. In versions 2026.1.12 through 202 ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-26967 (PJSIP is a free and open source multimedia communication library writt ...)
 	TODO: check
 CVE-2026-26964 (Windmill is an open-source developer platform for internal code: APIs, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae6e60bb0d0f7d892d3a7cc9548a7deb8969284

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae6e60bb0d0f7d892d3a7cc9548a7deb8969284
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260220/66f14766/attachment.htm>

More information about the debian-security-tracker-commits mailing list