[Git][security-tracker-team/security-tracker][master] NFUs

Mon May 18 09:13:45 BST 2026


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
41a79425 by Moritz Muehlenhoff at 2026-05-18T10:13:19+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2026-8786 (A vulnerability has been found in Tencent WeKnora up to 0.3.6. Af
 CVE-2026-8785 (A flaw has been found in projectworlds hospital-management-system-in-p ...)
 	NOT-FOR-US: Project Worlds
 CVE-2026-8784 (A vulnerability was detected in npitre cramfs-tools up to 2.2. Affecte ...)
-	TODO: check
+	NOT-FOR-US: cramfs-tools
 CVE-2026-8783 (A security vulnerability has been detected in omec-project amf up to 2 ...)
 	NOT-FOR-US: omec-project amf
 CVE-2026-8782 (A weakness has been identified in omec-project amf up to 2.1.3-dev. Th ...)
@@ -802,13 +802,13 @@ CVE-2025-66664 (Insufficient parameter sanitization in AMD Secure Processor (ASP
 CVE-2025-66660 (Insufficient parameter sanitization in TEE SOC Driver could allow an a ...)
 	NOT-FOR-US: AMD
 CVE-2025-54517 (Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-54511 (Improper handling of insufficient privileges in the AMD Secure Process ...)
 	TODO: check
 CVE-2025-52540 (An improper input validation vulnerability within the AMD Platform Man ...)
 	TODO: check
 CVE-2025-52532 (A race condition in the MxGPU-Virtualization driver\u2019s ioctl path  ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-48521 (Improper input validation in the AMD Secure Processor (ASP) PCI driver ...)
 	TODO: check
 CVE-2025-48520 (An improper input validation vulnerability within the AMD Platform Man ...)
@@ -2900,7 +2900,7 @@ CVE-2025-62624 (A heap-based buffer overflow in the ionic cloud driver for VMwar
 CVE-2025-62623 (A heap-based buffer overflow in the ionic cloud driver for VMware ESXi ...)
 	NOT-FOR-US: AMD
 CVE-2025-61972 (Missing lock bit protection for NBIO registers could allow a local adm ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-61971 (Missing lock bit protection for NBIO registers could allow a local adm ...)
 	TODO: check
 CVE-2025-15463 (The The Advanced Custom Fields: Extended plugin for WordPress is vulne ...)
@@ -3673,27 +3673,27 @@ CVE-2026-22924 (A vulnerability has been identified in SIMATIC CN 4100 (All vers
 CVE-2026-21530 (Double free in Windows Rich Text Edit allows an authorized attacker to ...)
 	NOT-FOR-US: Microsoft
 CVE-2026-20914 (Null pointer dereference for some Intel(R) QAT software drivers for Wi ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20905 (Improper input validation for some Intel(R) QAT software drivers for W ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20887 (Improper access control for some Intel Vision software for all version ...)
 	NOT-FOR-US: Intel
 CVE-2026-20881 (Divide by zero for some Intel(R) QAT software drivers for Windows befo ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20879 (Out-of-bounds write for the Intel(R) Data Center Graphics Driver for V ...)
 	NOT-FOR-US: Intel
 CVE-2026-20794 (Buffer overflow for the Intel(R) Data Center Graphics Driver for VMwar ...)
 	NOT-FOR-US: Intel
 CVE-2026-20793 (Unchecked return value for some Intel(R) QAT software drivers for Wind ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20782 (Buffer overflow for some Intel(R) QAT software drivers for Windows bef ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20772 (Uncontrolled search path for some Intel(R) Connectivity Performance Su ...)
 	NOT-FOR-US: Intel
 CVE-2026-20771 (Null pointer dereference for some Intel(R) QAT software drivers for Wi ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20767 (Improper input validation for some Intel(R) QAT software drivers for W ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20754 (Improper conditions check in some firmware for some Intel(R) NPU Drive ...)
 	NOT-FOR-US: Intel
 CVE-2026-20753 (Integer overflow in the UEFI firmware for the Slim Bootloader may allo ...)
@@ -3705,19 +3705,19 @@ CVE-2026-20738 (Untrusted pointer dereference for some Intel(R) QuickAssist Adap
 CVE-2026-20718 (Incorrect default permissions for some Intel(R) NPU Driver software in ...)
 	NOT-FOR-US: Intel
 CVE-2026-20717 (Improper input validation for some Intel(R) QAT software drivers for W ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-20714 (Out-of-bounds write for some Intel(R) QAT software drivers for Windows ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2026-1934 (The Motors \u2013 Car Dealership & Classified Listings plugin for Word ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-70842 (A Stored Cross-Site Scripting (XSS) vulnerability was discovered in th ...)
 	NOT-FOR-US: FluentCMS
 CVE-2025-6577 (Improper neutralization of special elements used in an SQL command ('S ...)
-	TODO: check
+	NOT-FOR-US: Akilli
 CVE-2025-67604 (A use of potentially dangerous function vulnerability in Fortinet Fort ...)
 	NOT-FOR-US: Fortinet
 CVE-2025-65719 (An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: Kubectl MCP Server
 CVE-2025-53870 (An improper neutralization of special elements used in an os command ( ...)
 	NOT-FOR-US: Fortinet
 CVE-2025-53844 (A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a794252734c979b97d13111707709a580379fb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a794252734c979b97d13111707709a580379fb
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260518/09958301/attachment.htm>
