[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8335138d by Salvatore Bonaccorso at 2026-05-06T22:43:32+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2026-8031 (A vulnerability was detected in PicoTronica e-Clinic Healthcare System ...)
-	TODO: check
+	NOT-FOR-US: PicoTronica e-Clinic Healthcare System
 CVE-2026-8028 (A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This a ...)
-	TODO: check
+	NOT-FOR-US: FlowiseAI Flowise
 CVE-2026-8027 (A weakness has been identified in FlowiseAI Flowise up to 3.0.12. Affe ...)
-	TODO: check
+	NOT-FOR-US: FlowiseAI Flowise
 CVE-2026-8026 (A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. ...)
-	TODO: check
+	NOT-FOR-US: FlowiseAI Flowise
 CVE-2026-8022 (Inappropriate implementation in MHTML in Google Chrome prior to 148.0. ...)
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
@@ -388,9 +388,9 @@ CVE-2026-7896 (Integer overflow in Blink in Google Chrome prior to 148.0.7778.96
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-7875 (NanoClaw contains a host/container filesystem boundary vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: NanoClaw
 CVE-2026-7841 (A remote code execution vulnerability exists in Notification Settings  ...)
-	TODO: check
+	NOT-FOR-US: GeoVision GV-ASWeb
 CVE-2026-7457 (The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-7448 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
@@ -398,7 +398,7 @@ CVE-2026-7448 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and
 CVE-2026-7332 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6863 (Velociraptor versions prior to 0.76.4 contain a cross organization aut ...)
-	TODO: check
+	NOT-FOR-US: Velociraptor
 CVE-2026-6860 (A TCP client can perform a TLS handshake and present the server name e ...)
 	NOT-FOR-US: Eclipse
 CVE-2026-6788 (Uncontrolled Search Path Element vulnerabilityin WatchGuard Agent on W ...)
@@ -408,7 +408,7 @@ CVE-2026-6787 (Use of Hard-coded Cryptographic Key vulnerability in WatchGuard A
 CVE-2026-6672 (The Affiliate Program Suite \u2014 SliceWP Affiliates plugin for WordP ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6420 (A flaw was found in Keylime. An attacker with root access on an enroll ...)
-	TODO: check
+	NOT-FOR-US: Keylime
 CVE-2026-6344 (The Fluent Forms plugin for WordPress is vulnerable to Arbitrary File  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6210 (A type confusion vulnerability in Qt SVG allows an attacker to cause a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8335138d48cccf161a40a0b2ca63da8d57e656af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8335138d48cccf161a40a0b2ca63da8d57e656af
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/d704ac98/attachment-0001.htm>