[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Jun 25 10:17:52 BST 2026



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2663765f by Moritz Muehlenhoff at 2026-06-25T11:13:43+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -73,7 +73,7 @@ CVE-2026-5309 (GitLab has remediated an issue in GitLab EE affecting all version
 CVE-2026-5305 (The Email Address Encoder WordPress plugin before 1.0.25, email-encode ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-57589 (sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowi ...)
-	TODO: check
+	NOT-FOR-US: OpenBSD
 CVE-2026-55762 (Rocket.Chat is an open-source, secure, fully customizable communicatio ...)
 	NOT-FOR-US: Rocket.Chat
 CVE-2026-55759 (Rocket.Chat is an open-source, secure, fully customizable communicatio ...)
@@ -217,25 +217,25 @@ CVE-2026-39894 (Cacti is an open source performance and fault management framewo
 CVE-2026-39893 (Cacti is an open source performance and fault management framework. In ...)
 	TODO: check
 CVE-2026-33543 (FOSSBilling is a free, open-source billing and client management syste ...)
-	TODO: check
+	NOT-FOR-US: FOSSBilling
 CVE-2026-33235 (AutoGPT is a workflow automation platform for creating, deploying, and ...)
-	TODO: check
+	NOT-FOR-US: AutoGPT
 CVE-2026-32315 (motionEye (mEye) is an online interface for motion software, a video s ...)
-	TODO: check
+	NOT-FOR-US: motionEye (mEye)
 CVE-2026-31978 (motionEye (mEye) is an online interface for motion software, which is  ...)
-	TODO: check
+	NOT-FOR-US: motionEye (mEye)
 CVE-2026-2508 (The Gravity Forms Booking plugin for WordPress is vulnerable to time-b ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-2238 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	NOT-FOR-US: GitLab (used to be packaged in the Debian archive as src:gitlab, but never in a stable release)
 CVE-2026-27708 (FOSSBilling is a free, open-source billing and client management syste ...)
-	TODO: check
+	NOT-FOR-US: FOSSBilling
 CVE-2026-25119 (Gogs is an open source self-hosted Git service. Prior to 0.14.3, when  ...)
-	TODO: check
+	NOT-FOR-US: Go Git Service
 CVE-2026-23879 (py7zr is a Python-based library and utility to support 7zip archive co ...)
 	TODO: check
 CVE-2026-1840 (The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized ...)
-	TODO: check
+	NOT-FOR-US: Aclara Metrum Cellular Web Interface
 CVE-2026-1606 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	NOT-FOR-US: GitLab (used to be packaged in the Debian archive as src:gitlab, but never in a stable release)
 CVE-2026-13311 (shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Ar ...)
@@ -2574,7 +2574,7 @@ CVE-2026-41479 (Authlib is a Python library which builds OAuth and OpenID Connec
 CVE-2026-39904 (Gophish through 0.12.1 contains a denial of service vulnerability that ...)
 	NOT-FOR-US: Gophish
 CVE-2026-12866 (All versions of the package expr-eval are vulnerable to Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Node expr-eval
 CVE-2026-11833 (Overview:  A vulnerability has been found in FAST/TOOLS and CI Server. ...)
 	NOT-FOR-US: Yokogawa
 CVE-2026-10852 (IBM WebSphere Application Server and IBM WebSphere Application Server  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/f1411555/attachment.htm>


More information about the debian-security-tracker-commits mailing list