[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed May 13 14:38:26 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
616492e7 by Salvatore Bonaccorso at 2026-05-13T15:38:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -124,21 +124,21 @@ CVE-2026-44296 (Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.16
 CVE-2026-44262 (Scramble generates API documentation for Laravel project. From 0.13.2  ...)
 	TODO: check
 CVE-2026-44260 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the read ...)
-	TODO: check
+	NOT-FOR-US: efw4.X
 CVE-2026-44259 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the prev ...)
-	TODO: check
+	NOT-FOR-US: efw4.X
 CVE-2026-44258 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfi ...)
-	TODO: check
+	NOT-FOR-US: efw4.X
 CVE-2026-44257 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, efw.file ...)
-	TODO: check
+	NOT-FOR-US: efw4.X
 CVE-2026-44246 (nnU-Net is a semantic segmentation framework that automatically adapts ...)
 	TODO: check
 CVE-2026-44245 (Kyverno is a policy engine designed for cloud native platform engineer ...)
-	TODO: check
+	NOT-FOR-US: Kyverno
 CVE-2026-44242 (Micronaut Framework is a JVM-based full stack Java framework designed  ...)
-	TODO: check
+	NOT-FOR-US: Micronaut Framework
 CVE-2026-44241 (Micronaut Framework is a JVM-based full stack Java framework designed  ...)
-	TODO: check
+	NOT-FOR-US: Micronaut Framework
 CVE-2026-44240 (basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is v ...)
 	TODO: check
 CVE-2026-44232 (DSSRF is a Node.js library that provides a wide range of utilities and ...)
@@ -152,7 +152,7 @@ CVE-2026-44223 (vLLM is an inference and serving engine for large language model
 CVE-2026-44222 (vLLM is an inference and serving engine for large language models (LLM ...)
 	- vllm <itp> (bug #1095237)
 CVE-2026-44221 (ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users an ...)
-	TODO: check
+	NOT-FOR-US: ArcadeDB
 CVE-2026-44220 (ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 t ...)
 	TODO: check
 CVE-2026-44219 (ciguard is a static security auditor for CI/CD pipelines. From 0.6.0 t ...)
@@ -162,7 +162,7 @@ CVE-2026-44218 (ciguard is a static security auditor for CI/CD pipelines. From 0
 CVE-2026-44217 (sse-channel is an SSE-implementation which can be used to any node.js  ...)
 	TODO: check
 CVE-2026-44215 (NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0. ...)
-	TODO: check
+	NOT-FOR-US: NanaZip
 CVE-2026-44015 (Nginx UI is a web user interface for the Nginx web server. In 2.3.4 an ...)
 	TODO: check
 CVE-2026-44012 (Craft CMS is a content management system (CMS). From 5.0.0-RC1 to befo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616492e76cfb6016cb0251208a340d30250025ad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616492e76cfb6016cb0251208a340d30250025ad
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260513/de4d565e/attachment.htm>
