[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 9 20:22:41 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e53b1782 by Salvatore Bonaccorso at 2026-05-09T21:22:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-8198 (The Activity Logs, User Activity Tracking, Multisite Activity Log from ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-8193 (A weakness has been identified in Akaunting 3.1.21. This issue affects ...)
-	TODO: check
+	NOT-FOR-US: Akaunting
 CVE-2026-8192 (A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425.  ...)
 	NOT-FOR-US: Wavlink
 CVE-2026-8191 (A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This  ...)
@@ -17,7 +17,7 @@ CVE-2026-8187 (A flaw has been found in Open5GS up to 2.7.7. This impacts the fu
 CVE-2026-8186 (A vulnerability was detected in Open5GS up to 2.7.7. This affects the  ...)
 	TODO: check
 CVE-2026-8185 (A security vulnerability has been detected in UGREEN CM933 1.1.59.4319 ...)
-	TODO: check
+	NOT-FOR-US: UGREEN
 CVE-2026-3828 (Some Hikvision switch products (discontinued since December 2023) are  ...)
 	NOT-FOR-US: Hikvision
 CVE-2026-32683 (Some EZVIZ products utilize older versions of cloud feature modules wi ...)
@@ -369,17 +369,17 @@ CVE-2026-41070 (openvpn-auth-oauth2 is a plugin/management interface client for
 	NOTE: https://github.com/jkroepke/openvpn-auth-oauth2/security/advisories/GHSA-246w-jgmq-88fg
 	NOTE: https://github.com/jkroepke/openvpn-auth-oauth2/commit/36f69a6c67c1054da7cbfa04ced3f0555127c8f2 (v1.27.3)
 CVE-2026-3318 (Open redirection vulnerability in the latest demo version of the Cradl ...)
-	TODO: check
+	NOT-FOR-US: Cradle eCommerce platform
 CVE-2026-39816 (The optional extension component TinkerpopClientService is missing the ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-38361 (An issue in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a  ...)
-	TODO: check
+	NOT-FOR-US: fohrloop dash-uploader
 CVE-2026-38360 (Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 th ...)
-	TODO: check
+	NOT-FOR-US: fohrloop dash-uploader
 CVE-2026-37431 (Beauty Parlour Management System v1.1 was discovered to contain a SQL  ...)
-	TODO: check
+	NOT-FOR-US: Beauty Parlour Management System
 CVE-2026-34354 (Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux  ...)
-	TODO: check
+	NOT-FOR-US: Akamai
 CVE-2026-32803 (Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 throug ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2026-29975 (lwjson 1.8.1 contains an improper input validation vulnerability in th ...)
@@ -2953,11 +2953,11 @@ CVE-2026-40001 (There is a local privilege escalation vulnerability in the ZTE P
 CVE-2026-36358 (Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a rem ...)
 	NOT-FOR-US: Juzaweb CMS
 CVE-2026-35255 (Vulnerability in the OracleCloud Native Environment Command Line Inter ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-35254 (Vulnerability in the Oracle OCI CLI product of Oracle Open Source Proj ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-35253 (Vulnerability in the Oracle Macoron Tool product of Oracle Open Source ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-34474 (Sensitive data exposure leading to admin/WLAN credential leak in ZTE Z ...)
 	NOT-FOR-US: ZTE
 CVE-2026-34473 (Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e53b17828a0531240f4275ba06ed086fef9a9b9f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e53b17828a0531240f4275ba06ed086fef9a9b9f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260509/18f9fd98/attachment.htm>

More information about the debian-security-tracker-commits mailing list