[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf1ae7d7 by Moritz Muehlenhoff at 2026-06-15T12:37:00+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-54413 (driftregion iso14229 through 0.9.0 contains an integer underflow and d ...)
 	NOT-FOR-US: driftregion iso14229
 CVE-2026-54412 (LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-b ...)
-	TODO: check
+	NOT-FOR-US: MQTT-C
 CVE-2026-54411 (Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE ...)
 	- pam <unfixed>
 	TODO: check, check for upstream issue, only a problem with pam_userdb with crypt=none
@@ -32,13 +32,13 @@ CVE-2026-12212 (A vulnerability has been found in hcengineering Huly Platform up
 CVE-2026-12211 (A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Buil ...)
 	NOT-FOR-US: Intelbras
 CVE-2026-12210 (A vulnerability was detected in universal-tool-calling-protocol python ...)
-	TODO: check
+	NOT-FOR-US: python-utcp
 CVE-2026-12209 (A security vulnerability has been detected in RubyLouvre avalon up to  ...)
-	TODO: check
+	NOT-FOR-US: RubyLouvre avalon
 CVE-2026-12208 (A weakness has been identified in jsonata-js jsonata up to 2.2.0. The  ...)
-	TODO: check
+	NOT-FOR-US: jsonata
 CVE-2026-12207 (A security flaw has been discovered in medkey-org medkey up to fc09b7b ...)
-	TODO: check
+	NOT-FOR-US: medkey
 CVE-2026-12206 (A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue ...)
 	NOT-FOR-US: Grit42
 CVE-2026-12204 (A vulnerability was determined in ShopXO up to 6.7.1. This vulnerabili ...)
@@ -8121,9 +8121,9 @@ CVE-2026-45080 (Klaw is a self-service Apache Kafka Topic Management/Governance
 CVE-2026-44367 (Klaw is a self-service Apache Kafka Topic Management/Governance tool/p ...)
 	NOT-FOR-US: Klaw
 CVE-2026-43965 (Path traversal vulnerability in Gleam's dependency management allows a ...)
-	TODO: check
+	NOT-FOR-US: Gleam
 CVE-2026-42795 (Symlink following vulnerability in Gleam's Hex package export allows f ...)
-	TODO: check
+	NOT-FOR-US: Gleam
 CVE-2026-42685 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42684 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -8196,7 +8196,7 @@ CVE-2026-33398 (NamelessMC is website software for Minecraft servers. In version
 CVE-2026-33244 (React Router is a router for React. In versions 7.5.1 through 7.13.1,  ...)
 	NOT-FOR-US: React Router
 CVE-2026-32685 (Path traversal vulnerability in Gleam's handling of custom documentati ...)
-	TODO: check
+	NOT-FOR-US: Gleam
 CVE-2026-32250 (NamelessMC is website software for Minecraft servers. A Reflected Cros ...)
 	NOT-FOR-US: NamelessMC
 CVE-2026-30652 (A remote buffer overflow vulnerability exists in the /cgi-bin/dido/set ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf1ae7d75d452b11d2f6327801fd0558112a309f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf1ae7d75d452b11d2f6327801fd0558112a309f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260615/bd795fe9/attachment.htm>