[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3448c17c by Salvatore Bonaccorso at 2026-03-19T07:39:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,9 +135,9 @@ CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote
 CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in Shinetheme Traveler ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24063 (When a plugin is installed using the Arturia Software Center (MacOS),  ...)
-	TODO: check
+	NOT-FOR-US: Arturia
 CVE-2026-24062 (The "Privileged Helper" component of the Arturia Software Center (MacO ...)
-	TODO: check
+	NOT-FOR-US: Arturia
 CVE-2026-1463 (The Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN Gallery ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-1217 (The Yoast Duplicate Post plugin for WordPress is vulnerable to unautho ...)
@@ -145,27 +145,27 @@ CVE-2026-1217 (The Yoast Duplicate Post plugin for WordPress is vulnerable to un
 CVE-2026-0866
 	REJECTED
 CVE-2025-67830 (Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection.)
-	TODO: check
+	NOT-FOR-US: Mura
 CVE-2025-67829 (Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL inj ...)
-	TODO: check
+	NOT-FOR-US: Mura
 CVE-2025-58112 (Microsoft Dynamics 365 Customer Engagement (on-premises) 1612 (9.0.2.3 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-55046 (MuraCMS through 10.1.10 contains a CSRF vulnerability that allows atta ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-55045 (The update address CSRF vulnerability in MuraCMS through 10.1.10 allow ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-55044 (The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-55043 (MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle cr ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-55041 (MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Gr ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-55040 (The import form CSRF vulnerability in MuraCMS through 10.1.10 allows a ...)
-	TODO: check
+	NOT-FOR-US: MuraCMS
 CVE-2025-41258 (LibreChat version 0.8.1-rc2 uses the same JWT secret for the user sess ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2025-12518 (beefree.io SDK is vulnerable to Stored XSS in Social Media icon URL pa ...)
-	TODO: check
+	NOT-FOR-US: beefree.io SDK
 CVE-2026-23268 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.19.6-2
 	[trixie] - linux 6.12.74-2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3448c17cd3f660a4de500637bd76ced84a58908e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3448c17cd3f660a4de500637bd76ced84a58908e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260319/747adaba/attachment.htm>