[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 23 08:47:28 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
490f3fa0 by Salvatore Bonaccorso at 2026-06-23T09:37:14+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,11 +53,11 @@ CVE-2026-55653 (A flaw was found in OpenSSH. A malicious SSH server can exploit
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2462351
 	TODO: check details, AI generated report
 CVE-2026-55603 (http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 unt ...)
-	TODO: check
+	NOT-FOR-US: http-proxy-middleware Node.js module
 CVE-2026-55599 (phpseclib is a PHP secure communications library. From 0.1.1 until 1.0 ...)
 	TODO: check
 CVE-2026-55409 (Filament is a collection of full-stack components for accelerated Lara ...)
-	TODO: check
+	NOT-FOR-US: Filament
 CVE-2026-54911 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)
 	TODO: check
 CVE-2026-54651 (pypdf is a free and open-source pure-python PDF library. Prior to 6.13 ...)
@@ -79,7 +79,7 @@ CVE-2026-54232 (vLLM is an inference and serving engine for large language model
 CVE-2026-53923 (vLLM is an inference and serving engine for large language models (LLM ...)
 	TODO: check
 CVE-2026-49468 (LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or  ...)
-	TODO: check
+	NOT-FOR-US: LiteLLM
 CVE-2026-49461 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)
 	TODO: check
 CVE-2026-49460 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/490f3fa08aded1291f7b9c7ed6a75b49e14207e5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/490f3fa08aded1291f7b9c7ed6a75b49e14207e5
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/4a81c778/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list