[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 23 08:22:42 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3acb1626 by Salvatore Bonaccorso at 2026-06-23T09:22:23+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,37 +9,37 @@ CVE-2026-8163 (The Infility Global WordPress plugin before 2.15.19 does not prop
 CVE-2026-7842 (The Infility Global Infility Global WordPress plugin before 2.15.20 fo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-56698 (Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validat ...)
-	TODO: check
+	NOT-FOR-US: Nuxt
 CVE-2026-56697 (Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol ...)
-	TODO: check
+	NOT-FOR-US: Nuxt
 CVE-2026-56357 (n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability ...)
-	TODO: check
+	NOT-FOR-US: n8n
 CVE-2026-56348 (n8n before 2.20.0 contains a credential exfiltration vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: n8n
 CVE-2026-56326 (Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a serve ...)
-	TODO: check
+	NOT-FOR-US: Nuxt
 CVE-2026-56324 (Capgo before 12.128.2 contains a rate limit bypass vulnerability in th ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56323 (Capgo before 12.128.2 contains an information disclosure vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56321 (Capgo (backend Supabase edge functions) before 12.128.2 does not apply ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56314 (Capgo before 12.128.12 fails to filter deleted app versions when joini ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56311 (Capgo before 12.128.2 contains an authorization bypass vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56306 (Capgo before 12.128.2 contains a weak parsing vulnerability in the x-l ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56280 (Cap-go before 12.128.2 contains a privilege inversion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56268 (Flowise before 3.1.2 contains an information disclosure vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Flowise
 CVE-2026-56266 (Crawl4AI before 0.8.7 contains a server-side request forgery vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Crawl4AI
 CVE-2026-56255 (Capgo before 12.128.2 contains a denial of service vulnerability in th ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56221 (Cap-go before 12.128.2 contains multiple SQL injection vulnerabilities ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-55655 (A flaw was found in OpenSSH. A local unprivileged attacker on a Linux  ...)
 	TODO: check
 CVE-2026-55654 (A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3acb1626bc6f507292a3e527aad71b1063f6cc2a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3acb1626bc6f507292a3e527aad71b1063f6cc2a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/77f5f570/attachment.htm>


More information about the debian-security-tracker-commits mailing list