[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73f36b50 by Moritz Muehlenhoff at 2026-06-18T08:52:23+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1630,9 +1630,9 @@ CVE-2026-49774 (Improper Control of Generation of Code ('Code Injection') vulner
 CVE-2026-49772 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-48780 (Forem is open source software for building communities. Prior to commi ...)
-	TODO: check
+	NOT-FOR-US: Forem
 CVE-2026-48775 (LangGraph SQLite Checkpoint is an implementation of LangGraph Checkpoi ...)
-	TODO: check
+	NOT-FOR-US: LangGraph SQLite Checkpoint
 CVE-2026-47964 (DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based B ...)
 	NOT-FOR-US: Adobe
 CVE-2026-47963 (DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-boun ...)
@@ -1642,15 +1642,15 @@ CVE-2026-47934 (DNG SDK versions 1.7.1 2536 and earlier are affected by an out-o
 CVE-2026-47927 (DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-boun ...)
 	NOT-FOR-US: Adobe
 CVE-2026-47749 (stable-diffusion.cpp is a pure C/C++ library for running diffusion mod ...)
-	TODO: check
+	NOT-FOR-US: stable-diffusion.cpp
 CVE-2026-47748 (stable-diffusion.cpp is a pure C/C++ library for running diffusion mod ...)
-	TODO: check
+	NOT-FOR-US: stable-diffusion.cpp
 CVE-2026-47684 (Sync-in Server is a secure, open-source platform for file storage, sha ...)
-	TODO: check
+	NOT-FOR-US: Sync-in Server
 CVE-2026-44932 (Passing of unsanitized strings from DHCP replies into the wicked dhcp  ...)
-	TODO: check
+	NOT-FOR-US: SuSE wicked
 CVE-2026-42089 (Yeoman Environment provides an API to discover, create, and run genera ...)
-	TODO: check
+	NOT-FOR-US: Yeoman Environment
 CVE-2026-40809 (Missing Authorization vulnerability in Rara Themes Metro Magazine allo ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-40750 (Unrestricted Upload of File with Dangerous Type vulnerability in thema ...)
@@ -1947,7 +1947,7 @@ CVE-2026-12289 (Privilege escalation in the Graphics: WebRender component. This
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12289
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12289
 CVE-2026-12225 (syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitb ...)
-	TODO: check
+	NOT-FOR-US: syracom AG Secure Login (2FA) for Atlassian
 CVE-2026-12003 (To allow builds of Python to be run from an in-tree layout (rather tha ...)
 	TODO: check
 	NOTE: https://github.com/python/cpython/pull/151545



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73f36b503c673b62918d5cf99414e40f4d612041

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73f36b503c673b62918d5cf99414e40f4d612041
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260618/515a2b79/attachment.htm>