[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 5 08:42:51 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48fa6420 by Salvatore Bonaccorso at 2026-05-05T09:38:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2026-7824 (An issue was discovered in the PaperCut Hive Ricoh embedded applicatio ...)
-	TODO: check
+	NOT-FOR-US: PaperCut
 CVE-2026-7823 (A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b202 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7822 (A vulnerability was identified in itsourcecode Courier Management Syst ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2026-7812 (A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906 ...)
-	TODO: check
+	NOT-FOR-US: 54yyyu code-mcp
 CVE-2026-7811 (A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a11 ...)
-	TODO: check
+	NOT-FOR-US: 54yyyu code-mcp
 CVE-2026-7810 (A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815 ...)
-	TODO: check
+	NOT-FOR-US: python-notebook-mcp
 CVE-2026-7791 (Improper privilege management in the log rotation mechanism of the Sky ...)
 	NOT-FOR-US: Amazon
 CVE-2026-7788 (A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up t ...)
-	TODO: check
+	NOT-FOR-US: Axle-Bucamp MCP-Docusaurus
 CVE-2026-7785 (A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf6 ...)
-	TODO: check
+	NOT-FOR-US: A-G-U-P-T-A wireshark-mcp
 CVE-2026-7784 (A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This ...)
-	TODO: check
+	NOT-FOR-US: RTGS2017 NagaAgent
 CVE-2026-7783 (A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulne ...)
-	TODO: check
+	NOT-FOR-US: CodeCanyon Perfex CRM
 CVE-2026-7782 (A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. Thi ...)
-	TODO: check
+	NOT-FOR-US: CodeCanyon Perfex CRM
 CVE-2026-7781 (A security vulnerability has been detected in Open5GS up to 2.7.7. Aff ...)
 	TODO: check
 CVE-2026-7780 (A weakness has been identified in Open5GS up to 2.7.7. Affected by thi ...)
@@ -31,7 +31,7 @@ CVE-2026-7779 (A security flaw has been discovered in Open5GS up to 2.7.7. Affec
 CVE-2026-7776 (Boundary Community Edition and Boundary Enterprise (\u201cBoundary\u20 ...)
 	TODO: check
 CVE-2026-7768 (@fastify/accepts-serializer cached serializer-selection results keyed  ...)
-	TODO: check
+	NOT-FOR-US: @fastify/accepts-serializer
 CVE-2026-7750 (A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This  ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2026-7749 (A security vulnerability has been detected in Totolink N300RH 3.2.4-B2 ...)
@@ -43,15 +43,15 @@ CVE-2026-7747 (A security flaw has been discovered in Totolink N300RH 3.2.4-B202
 CVE-2026-7746 (A vulnerability was identified in SourceCodester Web-based Pharmacy Pr ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-7745 (A vulnerability was determined in CodeAstro Online Classroom 1.0. This ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7744 (A vulnerability was found in CodeAstro Online Classroom 1.0. This affe ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7743 (A vulnerability has been found in CodeAstro Online Classroom 1.0. The  ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7742 (A flaw has been found in CodeAstro Online Classroom 1.0. The affected  ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7741 (A vulnerability was detected in CodeAstro Online Classroom 1.0. Impact ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Online Classroom
 CVE-2026-7482 (Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability  ...)
 	TODO: check
 CVE-2026-6704 (The Blog Settings plugin for WordPress is vulnerable to Reflected Cros ...)
@@ -67,11 +67,11 @@ CVE-2026-6696 (The Zingaya Click-to-Call plugin for WordPress is vulnerable to R
 CVE-2026-6501 (Improper restriction of XML external entity reference vulnerability in ...)
 	TODO: check
 CVE-2026-6500 (Plaintext storage of a password vulnerability in ILM Informatique Open ...)
-	TODO: check
+	NOT-FOR-US: OpenConcerto
 CVE-2026-6499 (Incorrect Permission Assignment for Critical Resource vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: OpenConcerto
 CVE-2026-6418 (An issue was discovered in the Shared Account Synchronization componen ...)
-	TODO: check
+	NOT-FOR-US: PaperCut
 CVE-2026-6321 (fast-uri decoded percent-encoded path separators and dot segments befo ...)
 	TODO: check
 CVE-2026-6266 (A flaw was found in the AAP gateway. The user auto-link strategy, intr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48fa64201a409a62d322595f7ede9f78cb85318c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48fa64201a409a62d322595f7ede9f78cb85318c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260505/d0219865/attachment.htm>

More information about the debian-security-tracker-commits mailing list