[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Sat May 9 08:14:06 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
41a60c59 by security tracker role at 2026-05-09T07:13:59+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-8207 (Gibbon versions beforev30.0.01 are affected by an authenticated S
 CVE-2026-7807 (SmarterTools SmarterMail builds prior to 9560 contain a local file inc ...)
 	TODO: check
 CVE-2026-7652 (The LatePoint plugin for WordPress is vulnerable to Account Takeover v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6667 (PgBouncer before 1.25.2 did not perform an appropriate authorization c ...)
 	TODO: check
 CVE-2026-6666 (A possible null pointer reference in PgBouncer before 1.25.2 could lea ...)
@@ -25,7 +25,7 @@ CVE-2026-44694 (n8n-MCP is an MCP server that provides AI assistants access to n
 CVE-2026-44656 (Vim is an open source, command line text editor. Prior to version 9.2. ...)
 	TODO: check
 CVE-2026-44400 (MailEnable Enterprise Premium 10.55 and earlier contains an improper a ...)
-	TODO: check
+	NOT-FOR-US: MailEnable
 CVE-2026-44313 (Linkwarden is a self-hosted, open-source collaborative bookmark manage ...)
 	TODO: check
 CVE-2026-44286 (FastGPT is an AI Agent building platform. Prior to version 4.14.17, an ...)
@@ -95,9 +95,9 @@ CVE-2026-42294 (Argo Workflows is an open source container-native workflow engin
 CVE-2026-42291 (SysReptor is a fully customizable pentest reporting platform. From ver ...)
 	TODO: check
 CVE-2026-42287 (Emlog is an open source website building system. Prior to version 2.6. ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2026-42286 (Emlog is an open source website building system. Prior to version 2.6. ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2026-42282 (n8n-MCP is an MCP server that provides AI assistants access to n8n nod ...)
 	TODO: check
 CVE-2026-42224 (ipl/web is a set of common web components for php projects. Prior to v ...)
@@ -147,11 +147,11 @@ CVE-2026-42069 (Kirby is an open-source content management system. Prior to vers
 CVE-2026-42051 (Kirby is an open-source content management system. Prior to versions 4 ...)
 	TODO: check
 CVE-2026-41705 (Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnera ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2026-41520 (Cilium is a networking, observability, and security solution with an e ...)
 	TODO: check
 CVE-2026-41517 (Emlog is an open source website building system. Prior to version 2.6. ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2026-41495 (n8n-MCP is an MCP server that provides AI assistants access to n8n nod ...)
 	TODO: check
 CVE-2026-41486 (Ray is an AI compute engine. From version 2.54.0 to before version 2.5 ...)
@@ -161,9 +161,9 @@ CVE-2026-41432 (New API is a large language mode (LLM) gateway and artificial in
 CVE-2026-41311 (LiquidJS is a Shopify / GitHub Pages compatible template engine in pur ...)
 	TODO: check
 CVE-2025-15634 (A missing authorization vulnerability in HCL BigFix WebUI allows an au ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2025-15633 (An improper authorization vulnerability in HCL BigFix WebUI allows an  ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2026-XXXX [Fix security vulnerabilities and code quality issues in 9.8]
 	- calibre 9.8.0+ds+~0.10.5-1 (bug #1135543)
 	NOTE: https://github.com/kovidgoyal/calibre/commit/b0c4ba19686232d5bff99d58ce6019546ef4d166



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a60c59f76db2e894ec43a12ef5f4024a72f417

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a60c59f76db2e894ec43a12ef5f4024a72f417
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260509/c3f97301/attachment-0001.htm>
