[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed May 6 07:56:45 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6789ffb1 by Salvatore Bonaccorso at 2026-05-06T08:56:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -144,19 +144,19 @@ CVE-2026-29168 (Allocation of Resources Without Limits or Throttling vulnerabili
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29168
 	NOTE: https://github.com/apache/httpd/commit/5b1edb79aa2d0f8e4424de64879c46c1942e460a (2.4.67-rc1-candidate)
 CVE-2026-28510 (eLabFTW is an open source electronic lab notebook. In elabftw versions ...)
-	TODO: check
+	NOT-FOR-US: eLabFTW
 CVE-2026-27960 (OpenCTI is an open source platform for managing cyber threat intellige ...)
-	TODO: check
+	NOT-FOR-US: OpenCTI
 CVE-2026-27694 (Traccar is an open source GPS tracking system. In org.traccar:traccar  ...)
-	TODO: check
+	NOT-FOR-US: Traccar
 CVE-2026-27693 (Traccar is an open source GPS tracking system. In org.traccar:traccar  ...)
-	TODO: check
+	NOT-FOR-US: Traccar
 CVE-2026-27644 (Traccar is an open source GPS tracking system. In versions between 6.1 ...)
-	TODO: check
+	NOT-FOR-US: Traccar
 CVE-2026-25589 (RedisBloom is a probabilistic data structures module for Redis. In all ...)
-	TODO: check
+	NOT-FOR-US: RedisBloom
 CVE-2026-25588 (RedisTimeSeries is a time-series module for Redis. In all versions bef ...)
-	TODO: check
+	NOT-FOR-US: RedisTimeSeries Redis module
 CVE-2026-25243 (Redis is an in-memory data structure store. In versions of redis-serve ...)
 	TODO: check
 CVE-2026-23631 (Redis is an in-memory data structure store. In all versions of redis-s ...)
@@ -164,23 +164,23 @@ CVE-2026-23631 (Redis is an in-memory data structure store. In all versions of r
 CVE-2026-23479 (Redis is an in-memory data structure store. In redis-server from 7.2.0 ...)
 	TODO: check
 CVE-2025-66369 (An issue was discovered in MM in Samsung Mobile Processor, Wearable Pr ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-61669 (Jupyter Server is the backend for Jupyter web applications. In jupyter ...)
 	TODO: check
 CVE-2025-52206 (ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the sy ...)
-	TODO: check
+	NOT-FOR-US: ISPConfig
 CVE-2025-42611 (RouterOS provides various services that rely on correct verification o ...)
-	TODO: check
+	NOT-FOR-US: RouterOS
 CVE-2023-54349 (AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: AmazCart CMS
 CVE-2023-54348 (ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows auth ...)
-	TODO: check
+	NOT-FOR-US: ERPGo SaaS
 CVE-2023-54347 (OpenEMR 7.0.1 contains an authentication brute force vulnerability tha ...)
 	NOT-FOR-US: OpenEMR
 CVE-2023-54346 (WordPress Plugin Backup Migration 1.2.8 contains an information disclo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-54345 (Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Frappe Framework ERPNext
 CVE-2023-54344 (Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code executio ...)
 	TODO: check
 CVE-2023-54342 (Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6789ffb14545e2b6fd7226d85e8669cab1577ee4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6789ffb14545e2b6fd7226d85e8669cab1577ee4
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/6f5bf129/attachment-0001.htm>
