[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Mar 29 20:28:08 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4c5b939 by Salvatore Bonaccorso at 2026-03-29T21:27:39+02:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2026-5037 (A vulnerability was determined in mxml up to 4.0.4. This issue af
 CVE-2026-5036 (A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerabilit ...)
 	NOT-FOR-US: Tenda
 CVE-2026-34005 (In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11  ...)
-	TODO: check
+	NOT-FOR-US: Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices
 CVE-2026-33575 (OpenClaw before 2026.3.12 embeds long-lived shared gateway credentials ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-33574 (OpenClaw before 2026.3.8 contains a path traversal vulnerability in th ...)
@@ -57,11 +57,11 @@ CVE-2026-32915 (OpenClaw before 2026.3.11 contains a sandbox boundary bypass vul
 CVE-2026-32914 (OpenClaw before 2026.3.12 contains an insufficient access control vuln ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-0562 (A critical security vulnerability in parisneo/lollms versions up to 2. ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms
 CVE-2026-0560 (A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/ ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms
 CVE-2026-0558 (A vulnerability in parisneo/lollms, up to and including version 2.2.0, ...)
-	TODO: check
+	NOT-FOR-US: parisneo/lollms
 CVE-2026-23400 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
 	- linux 6.19.10-1
 	[trixie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c5b939177e2a71b0f2762c6931d48e41680bec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c5b939177e2a71b0f2762c6931d48e41680bec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260329/ac166419/attachment.htm>

More information about the debian-security-tracker-commits mailing list