[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 19 10:12:04 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d6b925ea by Moritz Muehlenhoff at 2026-03-19T11:06:43+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,7 +35,7 @@ CVE-2026-32737 (Romeo gives the capability to reach high code coverage of Go \u2
 CVE-2026-32736 (The Hytale Modding Wiki is a free service for Hytale mods to host thei ...)
 	NOT-FOR-US: Hytale Modding Wiki
 CVE-2026-32735 (openapi-to-java-records-mustache-templates allows users to generate Ja ...)
-	TODO: check
+	NOT-FOR-US: openapi-to-java-records-mustache-templates
 CVE-2026-32731 (ApostropheCMS is an open-source content management framework. Prior to ...)
 	NOT-FOR-US: ApostropheCMS
 CVE-2026-32730 (ApostropheCMS is an open-source content management framework. Prior to ...)
@@ -59,7 +59,7 @@ CVE-2026-32636 (ImageMagick is free and open-source software used for editing an
 CVE-2026-32321 (ClipBucket v5 is an open source video sharing platform. An authenticat ...)
 	NOT-FOR-US: ClipBucket
 CVE-2026-32255 (Kan is an open-source project management tool. In versions 0.5.4 and b ...)
-	TODO: check
+	NOT-FOR-US: Kan
 CVE-2026-32000 (OpenClaw versions prior to 2026.2.19 contain a command injection vulne ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-31999 (OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a cur ...)
@@ -121,7 +121,7 @@ CVE-2026-27093 (Improper Control of Filename for Include/Require Statement in PH
 CVE-2026-27091 (Missing Authorization vulnerability in UiPress UiPress lite allows Exp ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-25873 (OmniGen2-RL contains an unauthenticated remote code execution vulnerab ...)
-	TODO: check
+	NOT-FOR-US: OmniGen2-RL
 CVE-2026-25745 (OpenEMR is a free and open source electronic health records and medica ...)
 	NOT-FOR-US: OpenEMR
 CVE-2026-25471 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
@@ -2048,7 +2048,7 @@ CVE-2026-0954 (There is a memory corruption vulnerability due to an out-of-bound
 CVE-2026-0835 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 thro ...)
 	NOT-FOR-US: IBM
 CVE-2025-71263 (In UNIX Fourth Research Edition (v4), the su command is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: AT&T Bell Labs UNIX
 CVE-2025-66249 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2025-60012 (Malicious configuration can lead to unauthorized file access in Apache ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6b925ea4dbd9d74702e488efcfc4970d1445e39

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6b925ea4dbd9d74702e488efcfc4970d1445e39
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260319/e8b1d231/attachment.htm>

More information about the debian-security-tracker-commits mailing list