[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jan 20 10:03:40 GMT 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8124974d by Moritz Muehlenhoff at 2026-01-20T11:03:23+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,7 +14,7 @@ CVE-2026-23949 (jaraco.context, an open-source software package that provides so
CVE-2026-23947 (Orval generates type-safe JS clients (TypeScript) from any valid OpenA ...)
TODO: check
CVE-2026-23944 (Arcane is an interface for managing Docker containers, images, network ...)
- TODO: check
+ NOT-FOR-US: Arcane
CVE-2026-23917
REJECTED
CVE-2026-23916
@@ -34,13 +34,13 @@ CVE-2026-23910
CVE-2026-23909
REJECTED
CVE-2026-23886 (Swift W3C TraceContext is a Swift implementation of the W3C Trace Cont ...)
- TODO: check
+ NOT-FOR-US: Swift W3C TraceContext
CVE-2026-23885 (Alchemy is an open source content management system engine written in ...)
- TODO: check
+ NOT-FOR-US: Alchemy
CVE-2026-23880 (OnboardLite is a comprehensive membership lifecycle platform built for ...)
- TODO: check
+ NOT-FOR-US: OnboardLite
CVE-2026-23877 (Swing Music is a self-hosted music player for local audio files. Prior ...)
- TODO: check
+ NOT-FOR-US: Swing Music
CVE-2026-23876 (ImageMagick is free and open-source software used for editing and mani ...)
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r49w-jqq3-3gx8
@@ -53,13 +53,13 @@ CVE-2026-23874 (ImageMagick is free and open-source software used for editing an
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9vj4-wc7r-p844
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/2a09644b10a5b146e0a7c63b778bd74a112ebec3 (7.1.2-13)
CVE-2026-23849 (File Browser provides a file managing interface within a specified dir ...)
- TODO: check
+ NOT-FOR-US: filebrowser
CVE-2026-23848 (MyTube is a self-hosted downloader and player for several video websit ...)
- TODO: check
+ NOT-FOR-US: MyTube
CVE-2026-23844 (Whisper Money is a personal finance application. Versions prior to 0.1 ...)
- TODO: check
+ NOT-FOR-US: Whisper Money
CVE-2026-23837 (MyTube is a self-hosted downloader and player for several video websit ...)
- TODO: check
+ NOT-FOR-US: MyTube
CVE-2026-22770 (ImageMagick is free and open-source software used for editing and mani ...)
- imagemagick <unfixed>
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-39h3-g67r-7g3c
@@ -69,27 +69,27 @@ CVE-2026-22219 (Chainlit versions prior to 2.9.4 contain a server-side request f
CVE-2026-22218 (Chainlit versions prior to 2.9.4 contain an arbitrary file read vulner ...)
TODO: check
CVE-2026-1223 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an I ...)
- TODO: check
+ NOT-FOR-US: PrismX MX100 AP
CVE-2026-1222 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an A ...)
- TODO: check
+ NOT-FOR-US: PrismX MX100 AP
CVE-2026-1221 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a U ...)
- TODO: check
+ NOT-FOR-US: PrismX MX100 AP
CVE-2026-1218 (A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted ...)
TODO: check
CVE-2026-1203 (A weakness has been identified in CRMEB up to 5.6.3. The impacted elem ...)
- TODO: check
+ NOT-FOR-US: CRMEB
CVE-2026-1202 (A security flaw has been discovered in CRMEB up to 5.6.3. The affected ...)
- TODO: check
+ NOT-FOR-US: CRMEB
CVE-2026-1197 (A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vu ...)
- TODO: check
+ NOT-FOR-US: MineAdmin
CVE-2026-1196 (A security vulnerability has been detected in MineAdmin 1.x/2.x. Affec ...)
- TODO: check
+ NOT-FOR-US: MineAdmin
CVE-2026-1195 (A weakness has been identified in MineAdmin 1.x/2.x. This impacts the ...)
- TODO: check
+ NOT-FOR-US: MineAdmin
CVE-2026-1194 (A security flaw has been discovered in MineAdmin 1.x/2.x. This affects ...)
- TODO: check
+ NOT-FOR-US: MineAdmin
CVE-2026-1193 (A vulnerability was identified in MineAdmin 1.x/2.x. The impacted elem ...)
- TODO: check
+ NOT-FOR-US: MineAdmin
CVE-2026-1192 (A vulnerability was determined in Tosei Online Store Management System ...)
TODO: check
CVE-2026-1179 (A vulnerability was detected in Yonyou KSOA 9.0. This affects an unkno ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8124974d29b1a6a8570d5406e4e8edf865841d4e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8124974d29b1a6a8570d5406e4e8edf865841d4e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260120/39b12004/attachment.htm>
More information about the debian-security-tracker-commits
mailing list