[Git][security-tracker-team/security-tracker][master] Process two NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 22 06:28:08 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aeadde2a by Salvatore Bonaccorso at 2026-01-22T07:27:43+01:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -378,7 +378,7 @@ CVE-2026-21640 (HackerOne community member Faraz Ahmed (PakCyberbot) has reporte
 CVE-2026-1035 (A flaw was found in the Keycloak server during refresh token processin ...)
 	- keycloak <itp> (bug #1088287)
 CVE-2026-0933 (SummaryA command injection vulnerability (CWE-78) has been found to ex ...)
-	TODO: check
+	NOT-FOR-US: cloudflare workers-sdk
 CVE-2026-0865 (User-controlled header names and values containing newlines can allow  ...)
 	- python3.14 <unfixed>
 	- python3.13 <unfixed>
@@ -402,7 +402,7 @@ CVE-2025-68133 (EVerest is an EV charging software stack. In versions 2025.9.0 a
 CVE-2025-66902 (An input validation issue in in Pithikos websocket-server v.0.6.4 allo ...)
 	NOT-FOR-US: Pithikos websocket-server
 CVE-2025-66692 (A buffer over-read in the PublicKey::verify() method of Binance - Trus ...)
-	TODO: check
+	NOT-FOR-US: trustwallet / wallet-core
 CVE-2025-63648 (A NULL pointer dereference in the dacp_reply_playqueueedit_move functi ...)
 	NOT-FOR-US: owntone-server
 CVE-2025-63647 (A NULL pointer dereference in the parse_meta function (src/httpd_daap. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeadde2aa385ae8a311865ad82cf7fbe89d5134f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aeadde2aa385ae8a311865ad82cf7fbe89d5134f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260122/a54d9574/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list