[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 9 09:33:43 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
301dcac4 by Salvatore Bonaccorso at 2026-05-09T10:33:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,37 +35,37 @@ CVE-2026-44656 (Vim is an open source, command line text editor. Prior to versio
 CVE-2026-44400 (MailEnable Enterprise Premium 10.55 and earlier contains an improper a ...)
 	NOT-FOR-US: MailEnable
 CVE-2026-44313 (Linkwarden is a self-hosted, open-source collaborative bookmark manage ...)
-	TODO: check
+	NOT-FOR-US: Linkwarden
 CVE-2026-44286 (FastGPT is an AI Agent building platform. Prior to version 4.14.17, an ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-44284 (FastGPT is an AI Agent building platform. Prior to version 4.14.17, Fa ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42560 (auth provides authentication via oauth2, direct and email. From versio ...)
 	TODO: check
 CVE-2026-42556 (Postiz is an AI social media scheduling tool. From version 2.21.6 to b ...)
-	TODO: check
+	NOT-FOR-US: Postiz
 CVE-2026-42461 (Arcane is an interface for managing Docker containers, images, network ...)
-	TODO: check
+	NOT-FOR-US: Arcane
 CVE-2026-42456 (AnythingLLM is an application that turns pieces of content into contex ...)
-	TODO: check
+	NOT-FOR-US: AnythingLLM
 CVE-2026-42455 (Linkwarden is a self-hosted, open-source collaborative bookmark manage ...)
-	TODO: check
+	NOT-FOR-US: Linkwarden
 CVE-2026-42454 (Termix is a web-based server management platform with SSH terminal, tu ...)
-	TODO: check
+	NOT-FOR-US: Termix
 CVE-2026-42453 (Termix is a web-based server management platform with SSH terminal, tu ...)
-	TODO: check
+	NOT-FOR-US: Termix
 CVE-2026-42452 (Termix is a web-based server management platform with SSH terminal, tu ...)
-	TODO: check
+	NOT-FOR-US: Termix
 CVE-2026-42451 (Grimmory is a self-hosted digital library. Prior to version 2.3.1, a s ...)
 	TODO: check
 CVE-2026-42354 (Sentry is an error tracking and performance monitoring tool. From vers ...)
-	TODO: check
+	NOT-FOR-US: Sentry
 CVE-2026-42352 (pygeoapi is a Python server implementation of the OGC API suite of sta ...)
 	TODO: check
 CVE-2026-42351 (pygeoapi is a Python server implementation of the OGC API suite of sta ...)
 	TODO: check
 CVE-2026-42350 (Kargo manages and automates the promotion of software artifacts. Prior ...)
-	TODO: check
+	NOT-FOR-US: Kargo
 CVE-2026-42346 (Postiz is an AI social media scheduling tool. From version 2.16.6 to b ...)
 	NOT-FOR-US: Postiz
 CVE-2026-42345 (FastGPT is an AI Agent building platform. In versions 4.14.11 and prio ...)
@@ -75,7 +75,7 @@ CVE-2026-42344 (FastGPT is an AI Agent building platform. In versions 4.14.11 an
 CVE-2026-42343 (FastGPT is an AI Agent building platform. In versions 4.14.13 and prio ...)
 	NOT-FOR-US: FastGPT
 CVE-2026-42339 (New API is a large language mode (LLM) gateway and artificial intellig ...)
-	TODO: check
+	NOT-FOR-US: New API
 CVE-2026-42311 (Pillow is a Python imaging library. From version 10.3.0 to before vers ...)
 	TODO: check
 CVE-2026-42310 (Pillow is a Python imaging library. From version 4.2.0 to before versi ...)
@@ -87,19 +87,19 @@ CVE-2026-42308 (Pillow is a Python imaging library. Prior to version 12.2.0, if
 CVE-2026-42307 (Vim is an open source, command line text editor. Prior to version 9.2. ...)
 	TODO: check
 CVE-2026-42302 (FastGPT is an AI Agent building platform. From version 4.14.10 to befo ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42301 (pyp2spec generates working Fedora RPM spec file for Python projects. P ...)
 	TODO: check
 CVE-2026-42298 (Postiz is an AI social media scheduling tool. Prior to commit da44801, ...)
-	TODO: check
+	NOT-FOR-US: Postiz
 CVE-2026-42297 (Argo Workflows is an open source container-native workflow engine for  ...)
-	TODO: check
+	NOT-FOR-US: Argo
 CVE-2026-42296 (Argo Workflows is an open source container-native workflow engine for  ...)
-	TODO: check
+	NOT-FOR-US: Argo
 CVE-2026-42295 (Argo Workflows is an open source container-native workflow engine for  ...)
-	TODO: check
+	NOT-FOR-US: Argo
 CVE-2026-42294 (Argo Workflows is an open source container-native workflow engine for  ...)
-	TODO: check
+	NOT-FOR-US: Argo
 CVE-2026-42291 (SysReptor is a fully customizable pentest reporting platform. From ver ...)
 	TODO: check
 CVE-2026-42287 (Emlog is an open source website building system. Prior to version 2.6. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301dcac466ad6948722e03e4f15f508849139d30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301dcac466ad6948722e03e4f15f508849139d30
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260509/e2cf8eb3/attachment.htm>

More information about the debian-security-tracker-commits mailing list