[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 27 08:24:16 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc0e6050 by Salvatore Bonaccorso at 2026-02-27T09:23:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,17 +3,17 @@ CVE-2026-3302 (A weakness has been identified in SourceCodester Doctor Appointme
 CVE-2026-3301 (A security flaw has been discovered in Totolink N300RH 6.1c.1353_B2019 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-3293 (A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0 ...)
-	TODO: check
+	NOT-FOR-US: Snowflake JDBC Driver
 CVE-2026-3292 (A security vulnerability has been detected in jizhiCMS up to 2.5.6. Af ...)
-	TODO: check
+	NOT-FOR-US: jizhiCMS
 CVE-2026-3289 (A weakness has been identified in Sanluan PublicCMS 6.202506.d. This i ...)
-	TODO: check
+	NOT-FOR-US: Sanluan PublicCMS
 CVE-2026-3287 (A security flaw has been discovered in youlaitech youlai-mall 2.0.0. T ...)
-	TODO: check
+	NOT-FOR-US: youlaitech youlai-mall
 CVE-2026-3286 (A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2 ...)
-	TODO: check
+	NOT-FOR-US: itwanger paicoding
 CVE-2026-3285 (A vulnerability was determined in berry-lang berry up to 1.1.0. The af ...)
-	TODO: check
+	NOT-FOR-US: berry-lang berry
 CVE-2026-3284 (A vulnerability was found in libvips 8.19.0. Impacted is the function  ...)
 	TODO: check
 CVE-2026-3283 (A vulnerability has been found in libvips 8.19.0. This issue affects t ...)
@@ -33,19 +33,19 @@ CVE-2026-3272 (A vulnerability was determined in Tenda F453 1.0.0.3. Affected is
 CVE-2026-3271 (A vulnerability was found in Tenda F453 1.0.0.3. This impacts the func ...)
 	NOT-FOR-US: Tenda
 CVE-2026-3270 (A vulnerability has been found in psi-probe PSI Probe up to 5.3.0. Thi ...)
-	TODO: check
+	NOT-FOR-US: psi-probe PSI Probe
 CVE-2026-3269 (A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted ...)
-	TODO: check
+	NOT-FOR-US: psi-probe PSI Probe
 CVE-2026-3268 (A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The a ...)
-	TODO: check
+	NOT-FOR-US: psi-probe PSI Probe
 CVE-2026-3265 (A vulnerability was identified in go2ismail Free-CRM up to b83c40a9072 ...)
-	TODO: check
+	NOT-FOR-US: go2ismail Free-CRM
 CVE-2026-3264 (A vulnerability was determined in go2ismail Free-CRM up to b83c40a9072 ...)
-	TODO: check
+	NOT-FOR-US: go2ismail Free-CRM
 CVE-2026-3263 (A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Ma ...)
-	TODO: check
+	NOT-FOR-US: go2ismail Asp.Net-Core-Inventory-Order-Management-System
 CVE-2026-3262 (A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Ord ...)
-	TODO: check
+	NOT-FOR-US: go2ismail Asp.Net-Core-Inventory-Order-Management-System
 CVE-2026-3261 (A flaw has been found in itsourcecode School Management System 1.0. Th ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-3037 (An OS command injection vulnerability exists in XWEB Pro version 1.12. ...)
@@ -57,7 +57,7 @@ CVE-2026-28370 (In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0,
 CVE-2026-28364 (In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Mar ...)
 	TODO: check
 CVE-2026-28363 (In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort  ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-28280 (osctrl is an osquery management solution. Prior to version 0.5.0, a st ...)
 	TODO: check
 CVE-2026-28279 (osctrl is an osquery management solution. Prior to version 0.5.0, an O ...)
@@ -69,15 +69,15 @@ CVE-2026-28275 (Initiative is a self-hosted project management platform. Version
 CVE-2026-28274 (Initiative is a self-hosted project management platform. Versions of t ...)
 	TODO: check
 CVE-2026-28269 (Kiteworks is a private data network (PDN). Prior to version 9.2.0, avu ...)
-	TODO: check
+	NOT-FOR-US: Kiteworks
 CVE-2026-28230 (SteVe is an open-source EV charging station management system. In vers ...)
-	TODO: check
+	NOT-FOR-US: SteVe
 CVE-2026-28227 (Discourse is an open source discussion platform. Prior to versions 202 ...)
 	NOT-FOR-US: Discourse
 CVE-2026-28226 (Phishing Club is a phishing simulation and man-in-the-middle framework ...)
-	TODO: check
+	NOT-FOR-US: Phishing Club
 CVE-2026-28225 (Manyfold is an open source, self-hosted web application for managing a ...)
-	TODO: check
+	NOT-FOR-US: Manyfold
 CVE-2026-28219 (Discourse is an open source discussion platform. Prior to versions 202 ...)
 	NOT-FOR-US: Discourse
 CVE-2026-28218 (Discourse is an open source discussion platform. Prior to versions 202 ...)
@@ -89,7 +89,7 @@ CVE-2026-28216 (hoppscotch is an open source API development ecosystem. Prior to
 CVE-2026-28215 (hoppscotch is an open source API development ecosystem. Prior to versi ...)
 	TODO: check
 CVE-2026-28213 (EverShop is a TypeScript-first eCommerce platform. Versions prior to 2 ...)
-	TODO: check
+	NOT-FOR-US: EverShop
 CVE-2026-28211 (The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to h ...)
 	TODO: check
 CVE-2026-28208 (Junrar is an open source java RAR archive library. Prior to version 7. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc0e60504bb6d15dc308255b711f945ff8c931cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc0e60504bb6d15dc308255b711f945ff8c931cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260227/9fbddc1f/attachment.htm>

More information about the debian-security-tracker-commits mailing list