[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jun 10 10:34:52 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3cde6a86 by Moritz Muehlenhoff at 2026-06-10T11:34:06+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,11 +63,11 @@ CVE-2026-6445 (A flaw exists in FlashArray Purity where insufficient filtering o
 CVE-2026-6444 (A flaw exists in the FlashArray Purity management interface where an a ...)
 	NOT-FOR-US: Everpure
 CVE-2026-53675 (BuddyPress 14.4.0 contains an insecure direct object reference vulnera ...)
-	TODO: check
+	NOT-FOR-US: BuddyPress
 CVE-2026-53674 (BuddyPress 14.4.0 contains a regular expression injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: BuddyPress
 CVE-2026-53673 (BuddyPress 14.4.0 contains an insecure direct object reference vulnera ...)
-	TODO: check
+	NOT-FOR-US: BuddyPress
 CVE-2026-48306 (Substance3D - Sampler versions 6.0.0 and earlier are affected by an ou ...)
 	NOT-FOR-US: Adobe
 CVE-2026-48305 (Substance3D - Sampler versions 6.0.0 and earlier are affected by an ou ...)
@@ -155,31 +155,31 @@ CVE-2026-47902 (CAI Content Credentials versions c2pa-web at 0.7.1, c2pa-v0.80.1 an
 CVE-2026-47838 (SubjectDnX509PrincipalExtractor does not correctly handle certain malf ...)
 	TODO: check
 CVE-2026-47106 (Ellucian Banner Self-Service before the April T2 release (2025-04-23)  ...)
-	TODO: check
+	NOT-FOR-US: Ellucian Banner Self-Service
 CVE-2026-46546 (Frappe Learning Management System (LMS) is a learning system that help ...)
-	TODO: check
+	NOT-FOR-US: Frappe Learning Management System (LMS)
 CVE-2026-46545 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46543 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46542 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46541 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46540 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46539 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-46532 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-46518 (OpenEMR is a free and open source electronic health records and medica ...)
 	NOT-FOR-US: OpenEMR
 CVE-2026-46517 (LMDeploy is a toolkit for compressing, deploying, and serving large la ...)
-	TODO: check
+	NOT-FOR-US: LMDeploy
 CVE-2026-46491 (SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in t ...)
-	TODO: check
+	NOT-FOR-US: SimpleSAMLphp-casserver
 CVE-2026-46432 (LMDeploy is a toolkit for compressing, deploying, and serving large la ...)
-	TODO: check
+	NOT-FOR-US: LMDeploy
 CVE-2026-46411 (FlashMQ is a MQTT broker/server, designed for multi-CPU environments.  ...)
 	TODO: check
 CVE-2026-46374 (SQLFluff is a modular SQL linter and auto-formatter with support for m ...)
@@ -189,15 +189,15 @@ CVE-2026-46373 (SQLFluff is a modular SQL linter and auto-formatter with support
 CVE-2026-45782 (Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Fro ...)
 	TODO: check
 CVE-2026-45542 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-45541 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-45329 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-45328 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-45160 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2026-44963 (A vulnerability allowing remote code execution (RCE) on the Backup Ser ...)
 	TODO: check
 CVE-2026-44716 (Pipecat is an open-source Python framework for building real-time voic ...)
@@ -205,7 +205,7 @@ CVE-2026-44716 (Pipecat is an open-source Python framework for building real-tim
 CVE-2026-44634 (SimpleBLE is a cross-platform library and bindings for Bluetooth Low E ...)
 	TODO: check
 CVE-2026-44505 (Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol ba ...)
-	TODO: check
+	NOT-FOR-US: Nimiq
 CVE-2026-41837 (Spring Data REST's Querydsl integration accepts arbitrary persistent p ...)
 	TODO: check
 CVE-2026-41732 (JsonPulsarHeaderMapper matched type headers against trusted packages u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cde6a86bf54be207213286bcbb442fb8a653599

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cde6a86bf54be207213286bcbb442fb8a653599
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260610/79830318/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list