[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Jun 11 22:12:01 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1c96c25 by Salvatore Bonaccorso at 2026-06-11T23:11:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -198,27 +198,27 @@ CVE-2026-47167 (Vim is an open source, command line text editor. Prior to versio
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-4473-94jm-w5x9
 	NOTE: Fixed by: https://github.com/vim/vim/commit/a65a52d684bc58535ad28a4ae824d22e76399934 (v9.2.0496)
 CVE-2026-47163 (Quest Bot is an opensource modern Discord Bot built for moderation, ut ...)
-	TODO: check
+	NOT-FOR-US: Quest Bot
 CVE-2026-47162 (Vim is an open source, command line text editor. Prior to version 9.2. ...)
 	- vim 2:9.2.0524-1
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-crm5-rh6j-2c7c
 	NOTE: Fixed by: https://github.com/vim/vim/commit/f08ab2f4d7d2947c8dd6c179ae08ee6146a2694b (v9.2.0495)
 CVE-2026-47157 (aiograpi is an asynchronous Instagram API for Python. aiograpi version ...)
-	TODO: check
+	NOT-FOR-US: aiograpi
 CVE-2026-46705 (Russh is a Rust SSH client & server library. From version 0.34.0-beta. ...)
 	TODO: check
 CVE-2026-46703 (Boxlite is a sandbox service that allows users to create lightweight v ...)
-	TODO: check
+	NOT-FOR-US: Boxlite
 CVE-2026-46702 (Russh is a Rust SSH client & server library. From version 0.34.0 to be ...)
 	TODO: check
 CVE-2026-46698 (Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to v ...)
-	TODO: check
+	NOT-FOR-US: Fediverse Embeds
 CVE-2026-46697 (Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to v ...)
-	TODO: check
+	NOT-FOR-US: Fediverse Embeds
 CVE-2026-46695 (Boxlite is a sandbox service that allows users to create lightweight v ...)
-	TODO: check
+	NOT-FOR-US: Boxlite
 CVE-2026-46689 (Kanidm is an identity management platform. Prior to version 1.9.3, a s ...)
-	TODO: check
+	NOT-FOR-US: Kanidm
 CVE-2026-46683 (Snappy is a PHP library allowing thumbnail, snapshot or PDF generation ...)
 	TODO: check
 CVE-2026-46679 (libp2p is a JavaScript Implementation of libp2p networking stack. Prio ...)
@@ -226,9 +226,9 @@ CVE-2026-46679 (libp2p is a JavaScript Implementation of libp2p networking stack
 CVE-2026-46673 (Russh is a Rust SSH client & server library. Prior to version 0.60.3,  ...)
 	TODO: check
 CVE-2026-46669 (OpenVM is a performant and modular zkVM framework built for customizat ...)
-	TODO: check
+	NOT-FOR-US: OpenVM
 CVE-2026-46668 (SpiceDB is an open source database system for creating and managing se ...)
-	TODO: check
+	NOT-FOR-US: SpiceDB
 CVE-2026-46654 (Plonky3 is a toolkit for polynomial IOPs (PIOPs). Prior to versions 0. ...)
 	TODO: check
 CVE-2026-46645 (SQLAdmin is a flexible Admin interface for SQLAlchemy models. Prior to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1c96c250048fdd589d85b472a15e78ffaf931db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1c96c250048fdd589d85b472a15e78ffaf931db
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/12109365/attachment.htm>
