[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 7 08:35:55 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39ebae90 by Salvatore Bonaccorso at 2026-05-07T09:34:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,9 +6,9 @@ CVE-2026-8063 (An authenticated user can crash mongod when running $rankFusion o
 	- mongodb <removed>
 	NOTE: https://jira.mongodb.org/browse/SERVER-121851
 CVE-2026-8033 (A vulnerability has been found in PicoTronica e-Clinic Healthcare Syst ...)
-	TODO: check
+	NOT-FOR-US: PicoTronica e-Clinic Healthcare System ECHS
 CVE-2026-8032 (A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5 ...)
-	TODO: check
+	NOT-FOR-US: PicoTronica e-Clinic Healthcare System ECHS
 CVE-2026-7252 (The WP-Optimize \u2013 Cache, Compress images, Minify & Clean database ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6692 (The Slider Revolution plugin for WordPress is vulnerable to Arbitrary  ...)
@@ -106,11 +106,11 @@ CVE-2026-42217 (OpenEXR provides the specification and reference implementation
 CVE-2026-42216 (OpenEXR provides the specification and reference implementation of the ...)
 	TODO: check
 CVE-2026-42194 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41891 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41890 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41675 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core)  ...)
 	TODO: check
 CVE-2026-41674 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core)  ...)
@@ -120,55 +120,55 @@ CVE-2026-41673 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2
 CVE-2026-41672 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core)  ...)
 	TODO: check
 CVE-2026-41671 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41670 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41669 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41663 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41662 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41661 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41660 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41659 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41658 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41657 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41656 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41655 (Admidio is an open-source user management solution. Prior to version 5 ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2026-41641 (NocoBase is an AI-powered no-code/low-code platform for building busin ...)
-	TODO: check
+	NOT-FOR-US: NocoBase
 CVE-2026-41640 (NocoBase is an AI-powered no-code/low-code platform for building busin ...)
-	TODO: check
+	NOT-FOR-US: NocoBase
 CVE-2026-41587 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41586 (Hyperledger Fabric is an enterprise-grade permissioned distributed led ...)
-	TODO: check
+	NOT-FOR-US: Hyperledger Fabric
 CVE-2026-41484 (OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends tele ...)
-	TODO: check
+	NOT-FOR-US: OpenTelemetry.Exporter.OneCollector
 CVE-2026-41483 (OpenTelemetry.Resources.Azure is the .NET resource detector for Azure  ...)
-	TODO: check
+	NOT-FOR-US: OpenTelemetry.Resources.Azure
 CVE-2026-41417 (Netty allows request-line validation to be bypassed when a `DefaultHtt ...)
 	TODO: check
 CVE-2026-41413 (Istio is an open platform to connect, manage, and secure microservices ...)
-	TODO: check
+	NOT-FOR-US: Istio
 CVE-2026-41310 (OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTele ...)
-	TODO: check
+	NOT-FOR-US: OpenTelemetry.Exporter.Zipkin
 CVE-2026-41203 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41202 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41201 (CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production ...)
-	TODO: check
+	NOT-FOR-US: CI4MS
 CVE-2026-41143 (YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWi ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2026-41142 (OpenEXR provides the specification and reference implementation of the ...)
 	TODO: check
 CVE-2026-41139 (Math.js is an extensive math library for JavaScript and Node.js. From  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39ebae904dece2a7b36cdb268645ba3c8c2e5dca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39ebae904dece2a7b36cdb268645ba3c8c2e5dca
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260507/8561f51b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list