[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 9 10:58:39 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29bfdd4c by Salvatore Bonaccorso at 2026-05-09T11:57:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,9 +25,9 @@ CVE-2026-45130 (Vim is an open source, command line text editor. Prior to versio
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-q4jv-r9gj-6cwv
 	NOTE: Fixed by: https://github.com/vim/vim/commit/92993329178cb1f72d700fff45ca86e1c2d369f8 (v9.2.0450)
 CVE-2026-44987 (SysReptor is a fully customizable pentest reporting platform. Prior to ...)
-	TODO: check
+	NOT-FOR-US: SysReptor
 CVE-2026-44694 (n8n-MCP is an MCP server that provides AI assistants access to n8n nod ...)
-	TODO: check
+	NOT-FOR-US: n8n-MCP
 CVE-2026-44656 (Vim is an open source, command line text editor. Prior to version 9.2. ...)
 	- vim <unfixed>
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-hwg5-3cxw-wvvg
@@ -57,13 +57,13 @@ CVE-2026-42453 (Termix is a web-based server management platform with SSH termin
 CVE-2026-42452 (Termix is a web-based server management platform with SSH terminal, tu ...)
 	NOT-FOR-US: Termix
 CVE-2026-42451 (Grimmory is a self-hosted digital library. Prior to version 2.3.1, a s ...)
-	TODO: check
+	NOT-FOR-US: grimmory
 CVE-2026-42354 (Sentry is an error tracking and performance monitoring tool. From vers ...)
 	NOT-FOR-US: Sentry
 CVE-2026-42352 (pygeoapi is a Python server implementation of the OGC API suite of sta ...)
-	TODO: check
+	NOT-FOR-US: pygeoapi
 CVE-2026-42351 (pygeoapi is a Python server implementation of the OGC API suite of sta ...)
-	TODO: check
+	NOT-FOR-US: pygeoapi
 CVE-2026-42350 (Kargo manages and automates the promotion of software artifacts. Prior ...)
 	NOT-FOR-US: Kargo
 CVE-2026-42346 (Postiz is an AI social media scheduling tool. From version 2.16.6 to b ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29bfdd4c2767c92f82d7e888a3157d52bfbe127e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29bfdd4c2767c92f82d7e888a3157d52bfbe127e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260509/a989a69a/attachment.htm>

More information about the debian-security-tracker-commits mailing list