[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 24 20:15:02 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7eaf739 by security tracker role at 2026-03-24T20:14:07+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,25 +23,25 @@ CVE-2026-33675 (Vikunja is an open-source self-hosted task management platform.
 CVE-2026-33668 (Vikunja is an open-source self-hosted task management platform. Starti ...)
 	TODO: check
 CVE-2026-33627 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33624 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33554 (ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows o ...)
 	TODO: check
 CVE-2026-33539 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33538 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33527 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33511 (pyLoad is a free and open-source download manager written in Python. F ...)
 	TODO: check
 CVE-2026-33509 (pyLoad is a free and open-source download manager written in Python. F ...)
 	TODO: check
 CVE-2026-33508 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33498 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33497 (Langflow is a tool for building and deploying AI-powered agents and wo ...)
 	TODO: check
 CVE-2026-33484 (Langflow is a tool for building and deploying AI-powered agents and wo ...)
@@ -53,9 +53,9 @@ CVE-2026-33474 (Vikunja is an open-source self-hosted task management platform.
 CVE-2026-33473 (Vikunja is an open-source self-hosted task management platform. Starti ...)
 	TODO: check
 CVE-2026-33429 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33421 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33419 (MinIO is a high-performance object storage system. Prior to RELEASE.20 ...)
 	TODO: check
 CVE-2026-33418 (DiceBear is an avatar library for designers and developers. Prior to v ...)
@@ -63,7 +63,7 @@ CVE-2026-33418 (DiceBear is an avatar library for designers and developers. Prio
 CVE-2026-33417 (Wallos is an open-source, self-hostable personal subscription tracker. ...)
 	TODO: check
 CVE-2026-33409 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33407 (Wallos is an open-source, self-hostable personal subscription tracker. ...)
 	TODO: check
 CVE-2026-33401 (Wallos is an open-source, self-hostable personal subscription tracker. ...)
@@ -99,7 +99,7 @@ CVE-2026-33329 (FileRise is a self-hosted web file manager / WebDAV server. From
 CVE-2026-33326 (Keystone is a content management system for Node.js. Prior to version  ...)
 	TODO: check
 CVE-2026-33323 (Parse Server is an open source backend that can be deployed to any inf ...)
-	TODO: check
+	NOT-FOR-US: Parse Server
 CVE-2026-33322 (MinIO is a high-performance object storage system. From RELEASE.2022-1 ...)
 	TODO: check
 CVE-2026-33316 (Vikunja is an open-source self-hosted task management platform. Prior  ...)
@@ -151,7 +151,7 @@ CVE-2026-2417 (A Missing Authentication for Critical Function vulnerability in P
 CVE-2026-29840 (JiZhiCMS v2.5.6 and before contains a Stored Cross-Site Scripting (XSS ...)
 	TODO: check
 CVE-2026-29839 (DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forger ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2026-29772 (Astro is a web framework. Prior to version 10.0.0, Astro's Server Isla ...)
 	TODO: check
 CVE-2026-28755 (NGINX Plus and NGINX Open Source have a vulnerability in the ngx_strea ...)
@@ -179,15 +179,15 @@ CVE-2026-23919 (For performance reasons Zabbix Server/Proxy reuses JavaScript (D
 CVE-2026-22559 (An Improper Input Validation vulnerability in UniFi Network Server may ...)
 	TODO: check
 CVE-2026-21783 (HCL Traveler is affected by sensitive information disclosure. The appl ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2026-1995 (IDrive\u2019s id_service.exe process runs with elevated privileges and ...)
 	TODO: check
 CVE-2025-71275 (Zimbra Collaboration Suite (ZCS) PostJournal service version 8.8.15 co ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2025-64998 (Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and ...)
 	TODO: check
 CVE-2025-11571 (Vulnerable endpoints accept user-controlled input through a URL in JSO ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs
 CVE-2019-25647 (PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in ...)
 	TODO: check
 CVE-2019-25646 (Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7eaf73961af9c0cfcccca5a791ac6fee9dfd42a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7eaf73961af9c0cfcccca5a791ac6fee9dfd42a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260324/ff099f1f/attachment.htm>

More information about the debian-security-tracker-commits mailing list