[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 9 08:19:37 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aaf54b87 by Salvatore Bonaccorso at 2026-05-09T09:18:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2026-8209 (Gibbon versions before v30.0.01 are affected by a path traversal vulne ...)
-	TODO: check
+	NOT-FOR-US: Gibbon
 CVE-2026-8208 (Gibbon versions before v30.0.01 are affected by a local file inclusion ...)
-	TODO: check
+	NOT-FOR-US: Gibbon
 CVE-2026-8207 (Gibbon versions beforev30.0.01 are affected by an authenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Gibbon
 CVE-2026-7807 (SmarterTools SmarterMail builds prior to 9560 contain a local file inc ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2026-7652 (The LatePoint plugin for WordPress is vulnerable to Account Takeover v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6667 (PgBouncer before 1.25.2 did not perform an appropriate authorization c ...)
@@ -59,13 +59,13 @@ CVE-2026-42351 (pygeoapi is a Python server implementation of the OGC API suite
 CVE-2026-42350 (Kargo manages and automates the promotion of software artifacts. Prior ...)
 	TODO: check
 CVE-2026-42346 (Postiz is an AI social media scheduling tool. From version 2.16.6 to b ...)
-	TODO: check
+	NOT-FOR-US: Postiz
 CVE-2026-42345 (FastGPT is an AI Agent building platform. In versions 4.14.11 and prio ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42344 (FastGPT is an AI Agent building platform. In versions 4.14.11 and prio ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42343 (FastGPT is an AI Agent building platform. In versions 4.14.13 and prio ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42339 (New API is a large language mode (LLM) gateway and artificial intellig ...)
 	TODO: check
 CVE-2026-42311 (Pillow is a Python imaging library. From version 10.3.0 to before vers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf54b8759a0dd14fc7112da1194e8cc2e00db39

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf54b8759a0dd14fc7112da1194e8cc2e00db39
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260509/776ef3b4/attachment.htm>

More information about the debian-security-tracker-commits mailing list