[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf0b5952 by Salvatore Bonaccorso at 2026-03-08T08:22:47+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22,41 +22,41 @@ CVE-2026-3662 (A vulnerability has been found in Wavlink WL-NU516U1 240425. This
 CVE-2026-3661 (A flaw has been found in Wavlink WL-NU516U1 240425. This affects the f ...)
 	NOT-FOR-US: Wavlink
 CVE-2026-30863 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-30861 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30860 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30859 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30858 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30857 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30856 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30855 (WeKnora is an LLM-powered framework designed for deep document underst ...)
-	TODO: check
+	NOT-FOR-US: WeKnora
 CVE-2026-30854 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-30852 (Caddy is an extensible server platform that uses TLS by default. From  ...)
 	TODO: check
 CVE-2026-30851 (Caddy is an extensible server platform that uses TLS by default. From  ...)
 	TODO: check
 CVE-2026-30850 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-30848 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-30838 (league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, th ...)
 	TODO: check
 CVE-2026-30834 (PinchTab is a standalone HTTP server that gives AI agents direct contr ...)
-	TODO: check
+	NOT-FOR-US: PinchTab
 CVE-2026-30832 (Soft Serve is a self-hostable Git server for the command line. From ve ...)
-	TODO: check
+	NOT-FOR-US: Soft Serve
 CVE-2026-2671 (A vulnerability was detected in Mendi Neurofeedback Headset V4. Affect ...)
 	TODO: check
 CVE-2026-29787 (mcp-memory-service is an open-source memory backend for multi-agent sy ...)
-	TODO: check
+	NOT-FOR-US: mcp-memory-service
 CVE-2026-29786 (node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10,  ...)
 	- node-tar <unfixed>
 	NOTE: https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96
@@ -68,37 +68,37 @@ CVE-2026-29781 (Sliver is a command and control framework that uses a custom Wir
 CVE-2026-29780 (eml_parser serves as a python module for parsing eml files and returni ...)
 	TODO: check
 CVE-2026-29779 (UptimeFlare is a serverless uptime monitoring & status page solution,  ...)
-	TODO: check
+	NOT-FOR-US: UptimeFlare
 CVE-2026-29778 (pyLoad is a free and open-source download manager written in Python. F ...)
 	TODO: check
 CVE-2026-29771 (Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /a ...)
-	TODO: check
+	NOT-FOR-US: Netmaker
 CVE-2026-29196 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, a user ...)
-	TODO: check
+	NOT-FOR-US: Netmaker
 CVE-2026-29195 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, the us ...)
-	TODO: check
+	NOT-FOR-US: Netmaker
 CVE-2026-29194 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Au ...)
-	TODO: check
+	NOT-FOR-US: Netmaker
 CVE-2026-29193 (ZITADEL is an open source identity management platform. From version 4 ...)
-	TODO: check
+	NOT-FOR-US: Zitadel
 CVE-2026-29192 (ZITADEL is an open source identity management platform. From version 4 ...)
-	TODO: check
+	NOT-FOR-US: Zitadel
 CVE-2026-29191 (ZITADEL is an open source identity management platform. From version 4 ...)
-	TODO: check
+	NOT-FOR-US: Zitadel
 CVE-2026-29190 (Karapace is an open-source implementation of Kafka REST and Schema Reg ...)
-	TODO: check
+	NOT-FOR-US: Karapace
 CVE-2026-29186 (Backstage is an open framework for building developer portals. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Backstage
 CVE-2026-29185 (Backstage is an open framework for building developer portals. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Backstage
 CVE-2026-29184 (Backstage is an open framework for building developer portals. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Backstage
 CVE-2026-29076 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-29067 (ZITADEL is an open source identity management platform. From version 4 ...)
-	TODO: check
+	NOT-FOR-US: Zitadel
 CVE-2026-28678 (DSA Study Hub is an interactive educational web application. Prior to  ...)
-	TODO: check
+	NOT-FOR-US: DSA Study Hub
 CVE-2026-24308 (Improper handling of configuration values in ZKConfig in Apache ZooKee ...)
 	TODO: check
 CVE-2026-24281 (Hostname verification in Apache ZooKeeper ZKTrustManager falls back to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0b5952882e885e1f615f89a0c86134fb41e735

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0b5952882e885e1f615f89a0c86134fb41e735
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260308/ba0aecc0/attachment.htm>