[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a769249f by Salvatore Bonaccorso at 2026-02-03T21:45:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,33 +135,33 @@ CVE-2026-24939 (Missing Authorization vulnerability in WP 
Chill Modula Image Gal
 CVE-2026-24938 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24774 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24773 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24762 (RustFS is a distributed object storage system built in Rust. 
From vers ...)
-       TODO: check
+       NOT-FOR-US: RustFS
 CVE-2026-24674 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24673 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24672 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24671 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24670 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24669 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24668 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24667 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24666 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24665 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24664 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2026-24441 (Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior 
expose a ...)
        NOT-FOR-US: Tenda
 CVE-2026-24434 (Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior 
does not ...)
@@ -181,37 +181,37 @@ CVE-2026-22228 (An authenticated user with high 
privileges may trigger a denial\
 CVE-2026-22220 (A lack of proper input validation in the HTTP processing path 
in TP-Li ...)
        NOT-FOR-US: TP-Link
 CVE-2026-21862 (RustFS is a distributed object storage system built in Rust. 
Prior to  ...)
-       TODO: check
+       NOT-FOR-US: RustFS
 CVE-2026-1846
        REJECTED
 CVE-2026-1814 (Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an 
insuffic ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 Nexpose
 CVE-2026-1803 (A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. 
Impacted ...)
-       TODO: check
+       NOT-FOR-US: Ziroom ZHOME A0101
 CVE-2026-1802 (A security flaw has been discovered in Ziroom ZHOME A0101 
1.0.1.0. Thi ...)
-       TODO: check
+       NOT-FOR-US: Ziroom ZHOME A0101
 CVE-2026-1664 (Summary  An Insecure Direct Object Reference has been found to 
exist i ...)
        TODO: check
 CVE-2026-1568 (Rapid7 InsightVM versions before8.34.0 contain a signature 
verificatio ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 InsightVM
 CVE-2026-1432 (SQL injection vulnerability in the Buroweb platform version 
2505.0.12, ...)
-       TODO: check
+       NOT-FOR-US: Buroweb platform
 CVE-2026-0620 (When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may 
accept c ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-8461 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: syWEB
 CVE-2025-8456 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Kod8 Individual and SME Website
 CVE-2025-7760 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Association Web Package Flora
 CVE-2025-71179 (Creativeitem Academy LMS 7.0 contains reflected Cross-Site 
Scripting ( ...)
-       TODO: check
+       NOT-FOR-US: Creativeitem Academy LMS
 CVE-2025-70849 (Arbitrary File Upload in podinfo thru 6.9.0 allows 
unauthenticated att ...)
        TODO: check
 CVE-2025-70841 (Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 
allows unauth ...)
-       TODO: check
+       NOT-FOR-US: Dokans Multi-Tenancy Based eCommerce Platform SaaS
 CVE-2025-70758 (chetans9 core-php-admin-panel through commit a94a780d6 
contains an aut ...)
-       TODO: check
+       NOT-FOR-US: chetans9 core-php-admin-panel
 CVE-2025-70560 (Boltz 2.0.0 contains an insecure deserialization vulnerability 
in its  ...)
        TODO: check
 CVE-2025-70559 (pdfminer.six before 20251230 contains an insecure 
deserialization vuln ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a769249f24e34a2a0a64e54fc6c2ed16a50c05df

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a769249f24e34a2a0a64e54fc6c2ed16a50c05df
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits