[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 29 Jan 2026 11:52:00 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c01c14c by Salvatore Bonaccorso at 2026-01-29T20:51:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72,19 +72,19 @@ CVE-2026-24739 (Symfony is a PHP framework for web and 
console applications and
 CVE-2026-23743 (Discourse is an open source discussion platform. In versions 
prior to  ...)
        NOT-FOR-US: Discourse
 CVE-2026-1552 (A security vulnerability has been detected in SEMCMS 5.0. This 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SEMCMS
 CVE-2026-1551 (A weakness has been identified in itsourcecode School 
Management Syste ...)
        NOT-FOR-US: itsourcecode System
 CVE-2026-1550 (A security flaw has been discovered in PHPGurukul Hospital 
Management  ...)
        NOT-FOR-US: PHPGurukul
 CVE-2026-1549 (A vulnerability was identified in jishenghua jshERP up to 3.6. 
Affecte ...)
-       TODO: check
+       NOT-FOR-US: jshERP
 CVE-2026-1548 (A flaw has been found in Totolink A7000R 4.1cu.4154. This 
impacts the  ...)
        NOT-FOR-US: TOTOLINK
 CVE-2026-1547 (A vulnerability was detected in Totolink A7000R 4.1cu.4154. 
This affec ...)
        NOT-FOR-US: TOTOLINK
 CVE-2026-1546 (A security vulnerability has been detected in jishenghua jshERP 
up to  ...)
-       TODO: check
+       NOT-FOR-US: jshERP
 CVE-2026-1545 (A weakness has been identified in itsourcecode School 
Management Syste ...)
        NOT-FOR-US: itsourcecode System
 CVE-2026-1544 (A security flaw has been discovered in D-Link DIR-823X 250416. 
Impacte ...)
@@ -98,21 +98,21 @@ CVE-2026-1533 (A security flaw has been discovered in 
code-projects Online Music
 CVE-2026-1532 (A vulnerability was identified in D-Link DCS-700L 1.03.09. The 
affecte ...)
        NOT-FOR-US: D-Link
 CVE-2025-71007 (An input validation vulnerability in the oneflow.index_add 
component o ...)
-       TODO: check
+       NOT-FOR-US: OneFlow
 CVE-2025-71006 (A floating point exception (FPE) in the oneflow.reshape 
component of O ...)
-       TODO: check
+       NOT-FOR-US: OneFlow
 CVE-2025-71005 (A floating point exception (FPE) in the oneflow.view component 
of OneF ...)
-       TODO: check
+       NOT-FOR-US: OneFlow
 CVE-2025-71004 (A segmentation violation in the oneflow.logical_or component 
of OneFlo ...)
-       TODO: check
+       NOT-FOR-US: OneFlow
 CVE-2025-71003 (An input validation vulnerability in the flow.arange() 
component of On ...)
-       TODO: check
+       NOT-FOR-US: OneFlow
 CVE-2025-55704 (Hidden functionality issue exists in multiple MFPs provided by 
Brother ...)
-       TODO: check
+       NOT-FOR-US: Brother
 CVE-2025-53869 (Multiple MFPs provided by Brother Industries, Ltd. does not 
properly v ...)
-       TODO: check
+       NOT-FOR-US: Brother
 CVE-2025-15344 (Tanium addressed a SQL injection vulnerability in Asset.)
-       TODO: check
+       NOT-FOR-US: Tanium
 CVE-2025-14975 (The Custom Login Page Customizer WordPress plugin before 2.5.4 
does no ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-1531
@@ -232,7 +232,7 @@ CVE-2025-65887 (A division-by-zero vulnerability in the 
flow.floor_divide() comp
 CVE-2025-65886 (A shape mismatch vulnerability in OneFlow v0.9.0 allows 
attackers to c ...)
        NOT-FOR-US: OneFlow
 CVE-2025-61140 (The value function in jsonpath 1.1.1 lib/index.js is 
vulnerable to Pro ...)
-       TODO: check
+       NOT-FOR-US: dchester jsonpath
 CVE-2025-59901 (Disk Pulse Enterprise v10.4.18 has an authenticated reflected 
XSS vuln ...)
        NOT-FOR-US: Disk Pulse Enterprise
 CVE-2025-59900 (Sync Breeze Enterprise Server v10.4.18 and Disk Pulse 
Enterprise v10.4 ...)
@@ -1037,7 +1037,7 @@ CVE-2026-23683 (SAP Fiori App Intercompany Balance 
Reconciliation does not perfo
 CVE-2026-22709 (vm2 is an open source vm/sandbox for Node.js. In vm2 prior to 
version  ...)
        NOT-FOR-US: Node vm2
 CVE-2026-22696 (dcap-qvl implements the quote verification logic for DCAP 
(Data Center ...)
-       TODO: check
+       NOT-FOR-US: dcap-qvl
 CVE-2026-21408 (beat-access for Windows version 3.0.3 and prior contains an 
issue with ...)
        NOT-FOR-US: beat-access for Windows
 CVE-2026-1449 (A flaw has been found in Hisense TransTech Smart Bus Management 
System ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c01c14c4992a59db3b12a5332ab23362baa1d1a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c01c14c4992a59db3b12a5332ab23362baa1d1a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to