[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Mar 4 21:57:30 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
adbb331e by Salvatore Bonaccorso at 2026-03-04T22:37:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2026-3536 (Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.15
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-3520 (Multer is a node.js middleware for handling `multipart/form-data`. A v ...)
-	TODO: check
+	NOT-FOR-US: Node multer
 CVE-2026-3439 (A post-authentication Stack-based Buffer Overflow vulnerability in Son ...)
 	NOT-FOR-US: SonicWall
 CVE-2026-3125 (A Server-Side Request Forgery (SSRF) vulnerability was identified in t ...)
@@ -51,31 +51,31 @@ CVE-2026-2746 (SEPPmail Secure Email Gateway before version 15.0.1 does not prop
 CVE-2026-2355 (The My Calendar \u2013 Accessible Event Manager plugin for WordPress i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-29120 (The /root/anaconda-ks.cfg installation configuration file in Internati ...)
-	TODO: check
+	NOT-FOR-US: International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver
 CVE-2026-29119 (International Datacasting Corporation (IDC) SFX Series SuperFlex(SFX21 ...)
-	TODO: check
+	NOT-FOR-US: International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver
 CVE-2026-29069 (Craft is a content management system (CMS). Prior to 5.9.0-beta.2 and  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28784 (Craft is a content management system (CMS). Prior to 5.8.22 and 4.16.1 ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28783 (Craft is a content management system (CMS). Prior to 5.9.0-beta.1 and  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28782 (Craft is a content management system (CMS). Prior to 5.9.0-beta.1 and  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28781 (Craft is a content management system (CMS). Prior to 4.17.0-beta.1 and ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28697 (Craft is a content management system (CMS). Prior to 4.17.0-beta.1 and ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28696 (Craft is a content management system (CMS). Prior to 4.17.0-beta.1 and ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28695 (Craft is a content management system (CMS). There is an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2026-28435 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-28434 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-28427 (OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1 ...)
-	TODO: check
+	NOT-FOR-US: OpenDeck
 CVE-2026-27446 (Missing Authentication for Critical Function (CWE-306) vulnerability i ...)
 	TODO: check
 CVE-2026-27445 (SEPPmail Secure Email Gateway before version 15.0.1 does not properly  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/adbb331ef570477a1e2011cd90f3a1dd372f6b26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/adbb331ef570477a1e2011cd90f3a1dd372f6b26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260304/011388fd/attachment.htm>
