[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 24 11:47:57 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f18e2bbf by Salvatore Bonaccorso at 2026-03-24T12:47:34+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2026-4756 (Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick ...)
-	TODO: check
+	NOT-FOR-US: Android-ImageMagick7 (not associating it with src:imagemagick)
 CVE-2026-4755 (CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue  ...)
-	TODO: check
+	NOT-FOR-US: Android-ImageMagick7 (not associating it with src:imagemagick)
 CVE-2026-4754 (CWE-79 vulnerability in MolotovCherry Android-ImageMagick7.This issue  ...)
-	TODO: check
+	NOT-FOR-US: Android-ImageMagick7 (not associating it with src:imagemagick)
 CVE-2026-4753 (Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue  ...)
 	NOT-FOR-US: slajerek RetroDebugger
 CVE-2026-4752 (Use After Free vulnerability in No-Chicken Echo-Mate.This issue affect ...)
@@ -15,9 +15,9 @@ CVE-2026-4750 (Out-of-bounds Read vulnerability in fabiangreffrath woof.This iss
 CVE-2026-4749 (NVD-CWE-noinfo vulnerability in albfan miraclecast.This issue affects  ...)
 	TODO: check
 CVE-2026-4746 (Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Fou ...)
-	TODO: check
+	NOT-FOR-US: timeplus-io proton
 CVE-2026-4745 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: perf-ninja
 CVE-2026-4744 (Out-of-bounds Read vulnerability in rizonesoft Notepad3 (scintilla/oni ...)
 	NOT-FOR-US: rizonesoft Notepad3
 CVE-2026-4743 (NULL Pointer Dereference vulnerability in taurusxin ncmdump (src/utils ...)
@@ -45,13 +45,13 @@ CVE-2026-4732 (Out-of-bounds Read vulnerability in tildearrow furnace (extern/li
 CVE-2026-4731 (Integer Overflow or Wraparound vulnerability in artraweditor ART (rten ...)
 	TODO: check
 CVE-2026-4681 (A critical remote code execution (RCE) vulnerability has been reported ...)
-	TODO: check
+	NOT-FOR-US: PTC Windchill and PTC FlexPLM
 CVE-2026-4662 (The JetEngine plugin for WordPress is vulnerable to SQL Injection via  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-4640 (Vitals ESP developed by Galaxy Software Services has a Missing Authent ...)
-	TODO: check
+	NOT-FOR-US: Vitals ESP
 CVE-2026-4639 (Vitals ESP developed by Galaxy Software Services has a Incorrect Autho ...)
-	TODO: check
+	NOT-FOR-US: Vitals ESP
 CVE-2026-4632 (A weakness has been identified in itsourcecode Online Enrollment Syste ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-4627 (A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1.  ...)
@@ -63,15 +63,15 @@ CVE-2026-4625 (A flaw has been found in SourceCodester Online Admission System 1
 CVE-2026-4624 (A vulnerability was detected in SourceCodester Online Library Manageme ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-4623 (A security vulnerability has been detected in DefaultFuction Jeson-Cus ...)
-	TODO: check
+	NOT-FOR-US: DefaultFuction Jeson-Customer-Relationship-Management-System
 CVE-2026-4617 (A weakness has been identified in SourceCodester Patients Waiting Area ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-4616 (A security flaw has been discovered in bolo-blog \uae4c\uc9c0 2.6.4. T ...)
-	TODO: check
+	NOT-FOR-US: bolo-blog
 CVE-2026-4615 (A vulnerability was identified in SourceCodester Online Catering Reser ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-4614 (A vulnerability was determined in itsourcecode sanitize or validate th ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode
 CVE-2026-4613 (A vulnerability was found in SourceCodester E-Commerce Site 1.0. This  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-4612 (A vulnerability has been found in itsourcecode Free Hotel Reservation  ...)
@@ -79,7 +79,7 @@ CVE-2026-4612 (A vulnerability has been found in itsourcecode Free Hotel Reserva
 CVE-2026-4611 (A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0c ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-4597 (A security flaw has been discovered in 648540858 wvp-GB28181-pro up to ...)
-	TODO: check
+	NOT-FOR-US: 648540858 wvp-GB28181-pro
 CVE-2026-4368 (Race Condition inNetScaler ADC and NetScaler Gateway when appliance is ...)
 	TODO: check
 CVE-2026-4306 (The WP Job Portal plugin for WordPress is vulnerable to SQL Injection  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f18e2bbf5daed656cd66bbd59d6afc6c97eec693

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f18e2bbf5daed656cd66bbd59d6afc6c97eec693
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260324/c227b9b4/attachment.htm>

More information about the debian-security-tracker-commits mailing list