[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 9 09:14:48 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fba23d43 by Moritz Muehlenhoff at 2026-03-09T10:14:18+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -291,7 +291,7 @@ CVE-2026-30834 (PinchTab is a standalone HTTP server that gives AI agents direct
 CVE-2026-30832 (Soft Serve is a self-hostable Git server for the command line. From ve ...)
 	NOT-FOR-US: Soft Serve
 CVE-2026-2671 (A vulnerability was detected in Mendi Neurofeedback Headset V4. Affect ...)
-	TODO: check
+	NOT-FOR-US: Mendi Neurofeedback Headset
 CVE-2026-29787 (mcp-memory-service is an open-source memory backend for multi-agent sy ...)
 	NOT-FOR-US: mcp-memory-service
 CVE-2026-29786 (node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10,  ...)
@@ -301,7 +301,7 @@ CVE-2026-29786 (node-tar is a full-featured Tar for Node.js. Prior to version 7.
 CVE-2026-29784 (Ghost is a Node.js content management system. From version 5.101.6 to  ...)
 	- ghost <itp> (bug #892150)
 CVE-2026-29781 (Sliver is a command and control framework that uses a custom Wireguard ...)
-	TODO: check
+	NOT-FOR-US: Sliver
 CVE-2026-29780 (eml_parser serves as a python module for parsing eml files and returni ...)
 	TODO: check
 CVE-2026-29779 (UptimeFlare is a serverless uptime monitoring & status page solution,  ...)
@@ -1263,7 +1263,7 @@ CVE-2025-69534 (Python-Markdown version 3.8 contain a vulnerability where malfor
 CVE-2025-64166 (Mercurius is a GraphQL adapter for Fastify. Prior to version 16.4.0, a ...)
 	NOT-FOR-US: Mercurius
 CVE-2025-45691 (An Arbitrary File Read vulnerability exists in the ImageTextPromptValu ...)
-	TODO: check
+	NOT-FOR-US: Ragas
 CVE-2025-29165 (An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escal ...)
 	NOT-FOR-US: D-Link
 CVE-2025-13476 (Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0\u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba23d43a1084f3e74c600bb1fc68849c3824f90

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba23d43a1084f3e74c600bb1fc68849c3824f90
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260309/e838786d/attachment.htm>

More information about the debian-security-tracker-commits mailing list