[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 19 08:37:38 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65a51085 by Salvatore Bonaccorso at 2026-05-19T09:36:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,27 +13,27 @@ CVE-2026-8813 (This affects versions of the package exifreader before 4.39.0. A
 CVE-2026-4137 (In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_ ...)
 	NOT-FOR-US: mlflow
 CVE-2026-47311 (Heap-based buffer overflow vulnerability in Samsung Open Source Escarg ...)
-	TODO: check
+	NOT-FOR-US: Escargot
 CVE-2026-47310 (Use after free vulnerability in Samsung Open Source Escargot allows Po ...)
-	TODO: check
+	NOT-FOR-US: Escargot
 CVE-2026-47309 (Uncontrolled Recursion vulnerability in Samsung Open Source Escargot a ...)
-	TODO: check
+	NOT-FOR-US: Escargot
 CVE-2026-47308 (NULL pointer dereference vulnerability in Samsung Open Source Walrus a ...)
 	TODO: check
 CVE-2026-47307 (NULL pointer dereference vulnerability in Samsung Open Source Walrus a ...)
 	TODO: check
 CVE-2026-47092 (Claude HUD through 0.0.12, patched in commit 234d9aa, contains a comma ...)
-	TODO: check
+	NOT-FOR-US: Claude HUD
 CVE-2026-47091 (Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path  ...)
-	TODO: check
+	NOT-FOR-US: Claude HUD
 CVE-2026-47090 (Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 ...)
-	TODO: check
+	NOT-FOR-US: Claude HUD
 CVE-2026-45246 (Summarize prior to 0.15.1 contains an insecure file permission vulnera ...)
-	TODO: check
+	NOT-FOR-US: Summarize
 CVE-2026-45245 (Summarize prior to 0.15.1 contains a vulnerability in the hover summar ...)
-	TODO: check
+	NOT-FOR-US: Summarize
 CVE-2026-45244 (Summarize prior to 0.15.1 contains a missing authorization vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Summarize
 CVE-2026-33565 (in OpenHarmony v6.0 and prior versions allow a local attacker cause DO ...)
 	NOT-FOR-US: OpenHarmony
 CVE-2026-33514 (Discourse is an open-source discussion platform. In versions prior to  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65a51085a0c4044ee1613ab02d35800d5ac2632e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65a51085a0c4044ee1613ab02d35800d5ac2632e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260519/27033e90/attachment.htm>

More information about the debian-security-tracker-commits mailing list