[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 27 Jan 2026 13:38:56 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
58898787 by Salvatore Bonaccorso at 2026-01-27T22:38:15+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,51 +81,51 @@ CVE-2026-24804 (Loop with Unreachable Exit Condition 
('Infinite Loop') vulnerabi
 CVE-2026-24803 (Loop with Unreachable Exit Condition ('Infinite Loop') 
vulnerability i ...)
        NOT-FOR-US: coolsnowwolf lede
 CVE-2026-24802 (Loop with Unreachable Exit Condition ('Infinite Loop') 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: briandilley jsonrpc4j
 CVE-2026-24801 (Vulnerability in Ralim IronOS 
(source/Core/BSP/Pinecilv2/bl_mcu_sdk/co ...)
-       TODO: check
+       NOT-FOR-US: Ralim IronOS
 CVE-2026-24800 (Out-of-bounds Write, Buffer Copy without Checking Size of 
Input ('Clas ...)
-       TODO: check
+       NOT-FOR-US: tildearrow furnace
 CVE-2026-24799 (Out-of-bounds Write, Buffer Copy without Checking Size of 
Input ('Clas ...)
-       TODO: check
+       NOT-FOR-US: davisking dlib
 CVE-2026-24798 (Improper Restriction of Operations within the Bounds of a 
Memory Buffe ...)
-       TODO: check
+       NOT-FOR-US: GaijinEntertainment DagorEngine
 CVE-2026-24797 (Out-of-bounds Write vulnerability in neka-nat cupoch 
(third_party/libj ...)
-       TODO: check
+       NOT-FOR-US: neka-nat cupoch
 CVE-2026-24796 (Out-of-bounds Read vulnerability in CloverHackyColor 
CloverBootloader  ...)
-       TODO: check
+       NOT-FOR-US: CloverHackyColor CloverBootloader
 CVE-2026-24795 (Out-of-bounds Write vulnerability in CloverHackyColor 
CloverBootloader ...)
-       TODO: check
+       NOT-FOR-US: CloverHackyColor CloverBootloader
 CVE-2026-24794 (Improper Restriction of Operations within the Bounds of a 
Memory Buffe ...)
-       TODO: check
+       NOT-FOR-US: CardboardPowered cardboard
 CVE-2026-24793 (Out-of-bounds Write, Buffer Copy without Checking Size of 
Input ('Clas ...)
-       TODO: check
+       NOT-FOR-US: zerothcore azerothcore-wotlk
 CVE-2026-24771 (Hono is a Web application framework that provides support for 
any Java ...)
-       TODO: check
+       NOT-FOR-US: Hono
 CVE-2026-24688 (pypdf is a free and open-source pure-python PDF library. An 
attacker w ...)
        TODO: check
 CVE-2026-24473 (Hono is a Web application framework that provides support for 
any Java ...)
-       TODO: check
+       NOT-FOR-US: Hono
 CVE-2026-24472 (Hono is a Web application framework that provides support for 
any Java ...)
-       TODO: check
+       NOT-FOR-US: Hono
 CVE-2026-24398 (Hono is a Web application framework that provides support for 
any Java ...)
-       TODO: check
+       NOT-FOR-US: Hono
 CVE-2026-24348 (Multiple cross-site scripting vulnerabilities in Admin UI of 
EZCast Pr ...)
-       TODO: check
+       NOT-FOR-US: EZCast Pro II
 CVE-2026-24347 (Improper input validation in Admin UI of EZCast Pro II version 
1.17478 ...)
-       TODO: check
+       NOT-FOR-US: EZCast Pro II
 CVE-2026-24346 (Use of well-known default credentials in Admin UI of EZCast 
Pro II ver ...)
-       TODO: check
+       NOT-FOR-US: EZCast Pro II
 CVE-2026-24345 (Cross-Site Request Forgery in Admin UI of EZCast Pro II 
version 1.1747 ...)
-       TODO: check
+       NOT-FOR-US: EZCast Pro II
 CVE-2026-24344 (MultipleBuffer Overflows in Admin UI of EZCast Pro II version 
1.17478. ...)
-       TODO: check
+       NOT-FOR-US: EZCast Pro II
 CVE-2026-24116 (Wasmtime is a runtime for WebAssembly. Starting in version 
29.0.0 and  ...)
        TODO: check
 CVE-2026-23892 (OctoPrint provides a web interface for controlling consumer 3D 
printer ...)
        TODO: check
 CVE-2026-23881 (Kyverno is a policy engine designed for cloud native platform 
engineer ...)
-       TODO: check
+       NOT-FOR-US: Kyverno
 CVE-2026-23593 (A vulnerability in the web-based management interface of HPE 
Aruba Net ...)
        NOT-FOR-US: HPE
 CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric 
Composer\xe2\u ...)
@@ -433,7 +433,7 @@ CVE-2026-23888 (pnpm is a package manager. Prior to version 
10.28.1, a path trav
 CVE-2026-23683 (SAP Fiori App Intercompany Balance Reconciliation does not 
perform nec ...)
        NOT-FOR-US: SAP
 CVE-2026-22709 (vm2 is an open source vm/sandbox for Node.js. In vm2 prior to 
version  ...)
-       TODO: check
+       NOT-FOR-US: Node vm2
 CVE-2026-22696 (dcap-qvl implements the quote verification logic for DCAP 
(Data Center ...)
        TODO: check
 CVE-2026-21408 (beat-access for Windows version 3.0.3 and prior contains an 
issue with ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58898787a847a2bb6e3915d3defb4bb994f0e062

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58898787a847a2bb6e3915d3defb4bb994f0e062
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to