[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c3a6996 by Salvatore Bonaccorso at 2026-05-30T09:39:33+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2026-9831 (A race condition in the shared Extreme Platform ONE IAM Gateway API-ke ...)
-	TODO: check
+	NOT-FOR-US: Extreme Networks
 CVE-2026-4387 (StrongDM Desktop Application before 23.74.0 (Desktop Client before 53. ...)
 	TODO: check
 CVE-2026-48811 (FreeScout is a free help desk and shared inbox built with PHP's Larave ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2026-48810 (FreeScout is a free help desk and shared inbox built with PHP's Larave ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2026-48557 (Spatie Laravel Media Library before version 11.23.0 contains a file up ...)
-	TODO: check
+	NOT-FOR-US: Spatie Laravel Media Library
 CVE-2026-48555 (Spatie Laravel Media Library before version 11.23.0 contains a server- ...)
-	TODO: check
+	NOT-FOR-US: Spatie Laravel Media Library
 CVE-2026-47266 (Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3 ...)
-	TODO: check
+	NOT-FOR-US: Formie Craft CMS plugin
 CVE-2026-47123 (FreeScout is a free help desk and shared inbox built with PHP's Larave ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2026-46599 (The TIFF decoder does not place a limit on the size of PackBits-compre ...)
 	TODO: check
 CVE-2026-46527 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
@@ -25,19 +25,19 @@ CVE-2026-46384 (iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, severa
 CVE-2026-45700 (FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...)
 	TODO: check
 CVE-2026-45697 (Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3 ...)
-	TODO: check
+	NOT-FOR-US: Formie Craft CMS plugin
 CVE-2026-45613 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
-	TODO: check
+	NOT-FOR-US: Rizin
 CVE-2026-45372 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-45352 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
 	TODO: check
 CVE-2026-45324 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
-	TODO: check
+	NOT-FOR-US: Rizin
 CVE-2026-45294 (FreeScout is a free help desk and shared inbox built with PHP's Larave ...)
-	TODO: check
+	NOT-FOR-US: FreeScout
 CVE-2026-45151 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform.  ...)
-	TODO: check
+	NOT-FOR-US: NanoMQ MQTT Broker (NanoMQ)
 CVE-2026-45149 (The brace-expansion library generates arbitrary strings containing a c ...)
 	TODO: check
 CVE-2026-44640 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform.  ...)
@@ -49,9 +49,9 @@ CVE-2026-44421 (FreeRDP is a free implementation of the Remote Desktop Protocol.
 CVE-2026-44420 (FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...)
 	TODO: check
 CVE-2026-44287 (FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the J ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-44285 (FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Ser ...)
-	TODO: check
+	NOT-FOR-US: FastGPT
 CVE-2026-42500 (Decoding a paletted BMP file with an out-of-range palette index result ...)
 	TODO: check
 CVE-2026-34127 (A stored cross-site scripting (XSS) vulnerability has been identified  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c3a6996214735e30e37bda1c694764872cdd38b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c3a6996214735e30e37bda1c694764872cdd38b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260530/1d9de53c/attachment.htm>