[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Jun 11 20:37:04 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1449465f by Salvatore Bonaccorso at 2026-06-11T21:36:47+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,13 +10,13 @@ CVE-2026-9204 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
 CVE-2026-8589 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	- gitlab <removed>
 CVE-2026-8464 (Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. ...)
-	TODO: check
+	NOT-FOR-US: Golem OEE MES
 CVE-2026-8406 (openSIS Classic 9.3 contains an insecure direct object reference vulne ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2026-7870 (IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privi ...)
 	NOT-FOR-US: IBM
 CVE-2026-7852 (Unrestricted upload of file with dangerous type vulnerability in Limat ...)
-	TODO: check
+	NOT-FOR-US: LimRAD NAC
 CVE-2026-7787 (IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user ...)
 	NOT-FOR-US: IBM
 CVE-2026-7250 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
@@ -26,7 +26,7 @@ CVE-2026-6976 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
 CVE-2026-6552 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	- gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2026-6338 (A HTTP request smuggling and desynchronization vulnerability affects K ...)
-	TODO: check
+	NOT-FOR-US: Kong Gateway Enterprise
 CVE-2026-6277 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
 	- gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2026-6269 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
@@ -34,11 +34,11 @@ CVE-2026-6269 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
 CVE-2026-5497 (vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) ...)
 	TODO: check
 CVE-2026-53912 (Cerebrate before version 1.37 exposed credential material from self-re ...)
-	TODO: check
+	NOT-FOR-US: Cerebrate
 CVE-2026-53911 (Cerebrate before version 1.37 allowed the id primary key field to be s ...)
-	TODO: check
+	NOT-FOR-US: Cerebrate
 CVE-2026-53901 (Cerebrate before version 1.37 contains a mass-assignment vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Cerebrate
 CVE-2026-53777 (Perry before 0.5.1159 contains a path traversal vulnerability that all ...)
 	TODO: check
 CVE-2026-53742 (Simple Link Directory through 9.0.4 echoes embed shortcode attributes  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1449465feba9aafabd5797cb0123dad2a1e531cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1449465feba9aafabd5797cb0123dad2a1e531cd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/d0c320f7/attachment-0001.htm>
