[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 24 Jan 2026 00:38:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4b2ebcb8 by Salvatore Bonaccorso at 2026-01-24T09:37:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,49 +15,49 @@ CVE-2026-24643
 CVE-2026-24642
        REJECTED
 CVE-2026-24474 (Dioxus Components is a shadcn-style component library for the 
Dioxus a ...)
-       TODO: check
+       NOT-FOR-US: Dioxus app framework
 CVE-2026-24469 (C++ HTTP Server is an HTTP/1.1 server built to handle client 
connectio ...)
        TODO: check
 CVE-2026-24422 (phpMyFAQ is an open source FAQ web application. In versions 
4.0.16 and ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2026-24421 (phpMyFAQ is an open source FAQ web application. Versions 
4.0.16 and be ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2026-24420 (phpMyFAQ is an open source FAQ web application. Versions 
4.0.16 and be ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2026-24412 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24411 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24410 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24409 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24407 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24406 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24405 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24404 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24403 (iccDEV provides libraries and tools for interacting with, 
manipulating ...)
-       TODO: check
+       NOT-FOR-US: iccDEV
 CVE-2026-24402
        REJECTED
 CVE-2026-24401 (Avahi is a system which facilitates service discovery on a 
local netwo ...)
        TODO: check
 CVE-2026-24399 (ChatterMate is a no-code AI chatbot agent framework. In 
versions 1.0.8 ...)
-       TODO: check
+       NOT-FOR-US: ChatterMate
 CVE-2026-24140 (MyTube is a self-hosted downloader and player for several 
video websit ...)
-       TODO: check
+       NOT-FOR-US: MyTube
 CVE-2026-24139 (MyTube is a self-hosted downloader and player for several 
video websit ...)
-       TODO: check
+       NOT-FOR-US: MyTube
 CVE-2026-24136 (Saleor is an e-commerce platform. Versions 3.2.0 through 
3.20.109, 3.2 ...)
-       TODO: check
+       NOT-FOR-US: Saleor
 CVE-2026-24128 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
 CVE-2026-24127 (Typemill is a flat-file, Markdown-based CMS designed for 
informational ...)
-       TODO: check
+       NOT-FOR-US: Typemill
 CVE-2026-22586 (Hard-coded Cryptographic Key vulnerability in Salesforce 
Marketing Clo ...)
        NOT-FOR-US: Salesforce
 CVE-2026-22585 (Use of a Broken or Risky Cryptographic Algorithm vulnerability 
in Sale ...)
@@ -101,17 +101,17 @@ CVE-2025-70458 (A DOM-based Cross-Site Scripting (XSS) 
vulnerability exists in t
 CVE-2025-70457 (A Remote Code Execution (RCE) vulnerability exists in 
Sourcecodester M ...)
        NOT-FOR-US: SourceCodester
 CVE-2025-67264 (An OS command injection vulnerability in the 
com.sprd.engineermode com ...)
-       TODO: check
+       NOT-FOR-US: Doogee
 CVE-2025-52026 (An information disclosure vulnerability exists in the 
/srvs/membersrv/ ...)
-       TODO: check
+       NOT-FOR-US: Aptsys
 CVE-2025-52025 (An SQL Injection vulnerability exists in the 
GetServiceByRestaurantID  ...)
-       TODO: check
+       NOT-FOR-US: Aptsys
 CVE-2025-52024 (A vulnerability exists in the Aptsys POS Platform Web Services 
module  ...)
-       TODO: check
+       NOT-FOR-US: Aptsys
 CVE-2025-52023 (A vulnerability in the PHP backend of gemscms.aptsys.com.sg 
thru 2025- ...)
-       TODO: check
+       NOT-FOR-US: Aptsys
 CVE-2025-52022 (A vulnerability in the PHP backend of 
gemsloyalty.aptsys.com.sg thru 2 ...)
-       TODO: check
+       NOT-FOR-US: Aptsys
 CVE-2025-14985 (The Alpha Blocks plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-14941 (The GZSEO plugin for WordPress is vulnerable to authorization 
bypass l ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2ebcb88ae83d8c2b84c6e8a4fa9cdfd860038e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2ebcb88ae83d8c2b84c6e8a4fa9cdfd860038e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to