[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Sat Mar 28 11:09:29 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5b63dce by Salvatore Bonaccorso at 2026-03-28T12:09:19+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -477,21 +477,21 @@ CVE-2026-32678 (Authentication bypass issue exists in BUFFALO Wi-Fi router produ
 CVE-2026-32669 (Code injection vulnerability exists in BUFFALO Wi-Fi router products.  ...)
 	NOT-FOR-US: BUFFALO
 CVE-2026-32241 (Flannel is a network fabric for containers, designed for Kubernetes. T ...)
-	TODO: check
+	NOT-FOR-US: Flannel
 CVE-2026-32187 (Microsoft Edge (Chromium-based) Defense in Depth Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2026-31951 (LibreChat is a ChatGPT clone with additional features. In versions 0.8 ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2026-31950 (LibreChat is a ChatGPT clone with additional features. In versions 0.8 ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2026-31945 (LibreChat is a ChatGPT clone with additional features. Versions 0.8.2- ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2026-31943 (LibreChat is a ChatGPT clone with additional features. Prior to versio ...)
-	TODO: check
+	NOT-FOR-US: LibreChat
 CVE-2026-30689 (A blog.admin v.8.0 and before system's getinfobytoken API interface co ...)
-	TODO: check
+	NOT-FOR-US: blog.admin
 CVE-2026-30637 (Server-Side Request Forgery (SSRF) vulnerability exists in the AnnounC ...)
-	TODO: check
+	NOT-FOR-US: OTCMS
 CVE-2026-30576 (A Business Logic vulnerability exists in SourceCodester Pharmacy Produ ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-30575 (A Business Logic vulnerability exists in SourceCodester Pharmacy Produ ...)
@@ -529,19 +529,19 @@ CVE-2026-30304 (In its design for automatic terminal command execution, AI Code
 CVE-2026-30303 (The command auto-approval module in Axon Code contains an OS Command I ...)
 	TODO: check
 CVE-2026-30302 (The command auto-approval module in CodeRider-Kilo contains an OS Comm ...)
-	TODO: check
+	NOT-FOR-US: CodeRider-Kilo
 CVE-2026-29871 (A path traversal vulnerability exists in the awesome-llm-apps project  ...)
-	TODO: check
+	NOT-FOR-US: awesome-llm-apps project
 CVE-2026-29180 (Fleet is open source device management software. Prior to 4.81.1, a br ...)
-	TODO: check
+	NOT-FOR-US: Fleet
 CVE-2026-29071 (Open WebUI is a self-hosted artificial intelligence platform designed  ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2026-29070 (Open WebUI is a self-hosted artificial intelligence platform designed  ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2026-28788 (Open WebUI is a self-hosted artificial intelligence platform designed  ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2026-28786 (Open WebUI is a self-hosted artificial intelligence platform designed  ...)
-	TODO: check
+	NOT-FOR-US: Open WebUI
 CVE-2026-28375 (A testdata data-source can be used to trigger out-of-memory crashes in ...)
 	TODO: check
 CVE-2026-28369 (A flaw was found in Undertow. When Undertow receives an HTTP request w ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5b63dce974dcdc7b7819cbf5953871973ceeff2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5b63dce974dcdc7b7819cbf5953871973ceeff2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260328/d0615efd/attachment-0001.htm>
