[Git][security-tracker-team/security-tracker][master] NFUs

Tue, 20 Jan 2026 03:42:49 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e28b39fc by Moritz Muehlenhoff at 2026-01-20T12:42:21+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2026-23949 (jaraco.context, an open-source software 
package that provides so
        NOTE: 
https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2
        NOTE: Fixed by: 
https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9
 (v6.1.0)
 CVE-2026-23947 (Orval generates type-safe JS clients (TypeScript) from any 
valid OpenA ...)
-       TODO: check
+       NOT-FOR-US: Orval
 CVE-2026-23944 (Arcane is an interface for managing Docker containers, images, 
network ...)
        NOT-FOR-US: Arcane
 CVE-2026-23917
@@ -48,7 +48,7 @@ CVE-2026-23876 (ImageMagick is free and open-source software 
used for editing an
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/2fae24192b78fdfdd27d766fd21d90aeac6ea8b8
 (7.1.2-13)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/536512a2c60cd6e8c21c1256c2ee4da48d903e0c
 (6.9.13-38)
 CVE-2026-23875 (CrawlChat is an open-source, AI-powered platform that 
transforms techn ...)
-       TODO: check
+       NOT-FOR-US: CrawlChat
 CVE-2026-23874 (ImageMagick is free and open-source software used for editing 
and mani ...)
        - imagemagick <unfixed>
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9vj4-wc7r-p844
@@ -66,9 +66,9 @@ CVE-2026-22770 (ImageMagick is free and open-source software 
used for editing an
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-39h3-g67r-7g3c
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/3e0330721020e0c5bb52e4b77c347527dd71658e
 (7.1.2-13)
 CVE-2026-22219 (Chainlit versions prior to 2.9.4 contain a server-side request 
forgery ...)
-       TODO: check
+       NOT-FOR-US: Chainlit
 CVE-2026-22218 (Chainlit versions prior to 2.9.4 contain an arbitrary file 
read vulner ...)
-       TODO: check
+       NOT-FOR-US: Chainlit
 CVE-2026-1223 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS 
has an I ...)
        NOT-FOR-US: PrismX MX100 AP
 CVE-2026-1222 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS 
has an A ...)
@@ -76,7 +76,7 @@ CVE-2026-1222 (PrismX MX100 AP controller developed by BROWAN 
COMMUNICATIONS has
 CVE-2026-1221 (PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS  
has a U ...)
        NOT-FOR-US: PrismX MX100 AP
 CVE-2026-1218 (A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. 
Impacted ...)
-       TODO: check
+       NOT-FOR-US: Bjskzy Zhiyou ERP
 CVE-2026-1203 (A weakness has been identified in CRMEB up to 5.6.3. The 
impacted elem ...)
        NOT-FOR-US: CRMEB
 CVE-2026-1202 (A security flaw has been discovered in CRMEB up to 5.6.3. The 
affected ...)
@@ -92,17 +92,17 @@ CVE-2026-1194 (A security flaw has been discovered in 
MineAdmin 1.x/2.x. This af
 CVE-2026-1193 (A vulnerability was identified in MineAdmin 1.x/2.x. The 
impacted elem ...)
        NOT-FOR-US: MineAdmin
 CVE-2026-1192 (A vulnerability was determined in Tosei Online Store Management 
System ...)
-       TODO: check
+       NOT-FOR-US: Tosei Online Store Management System
 CVE-2026-1179 (A vulnerability was detected in Yonyou KSOA 9.0. This affects 
an unkno ...)
-       TODO: check
+       NOT-FOR-US: Yonyou KSOA
 CVE-2026-1178 (A security vulnerability has been detected in Yonyou KSOA 9.0. 
Affecte ...)
-       TODO: check
+       NOT-FOR-US: Yonyou KSOA
 CVE-2026-1177 (A weakness has been identified in Yonyou KSOA 9.0. Affected by 
this vu ...)
-       TODO: check
+       NOT-FOR-US: Yonyou KSOA
 CVE-2026-1176 (A security flaw has been discovered in itsourcecode School 
Management  ...)
        NOT-FOR-US: itsourcecode System
 CVE-2026-1175 (A vulnerability was identified in birkir prime up to 
0.4.0.beta.0. Thi ...)
-       TODO: check
+       NOT-FOR-US: Prime CMS
 CVE-2026-1051 (The Newsletter \u2013 Send awesome emails from WordPress plugin 
for Wo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-1045 (The Viet contact plugin for WordPress is vulnerable to Stored 
Cross-Si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e28b39fca5514f83f184140cb53d282e561a1c65

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e28b39fca5514f83f184140cb53d282e561a1c65
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to