[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed, 11 Feb 2026 00:26:42 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
badc88aa by Salvatore Bonaccorso at 2026-02-11T09:25:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,17 +17,17 @@ CVE-2026-26037
 CVE-2026-26036
        REJECTED
 CVE-2026-26013 (LangChain is a framework for building agents and LLM-powered 
applicati ...)
-       TODO: check
+       NOT-FOR-US: LangChain
 CVE-2026-26007 (cryptography is a package designed to expose cryptographic 
primitives  ...)
        - python-cryptography <unfixed>
        NOTE: 
https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2
        NOTE: Fixed by: 
https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
 (46.0.5)
 CVE-2026-26006 (AutoGPT is a platform that allows users to create, deploy, and 
manage  ...)
-       TODO: check
+       NOT-FOR-US: AutoGPT
 CVE-2026-25872 (JUNG Smart Panel KNX firmware version L1.12.22 and prior 
contain an un ...)
-       TODO: check
+       NOT-FOR-US: JUNG Smart Panel KNX firmware
 CVE-2026-25870 (DoraCMS version 3.1 and prior contains a server-side request 
forgery ( ...)
-       TODO: check
+       NOT-FOR-US: DoraCMS
 CVE-2026-25251
        REJECTED
 CVE-2026-1893 (The Orbisius Random Name Generator plugin for WordPress is 
vulnerable  ...)
@@ -39,9 +39,9 @@ CVE-2026-1762 (A vulnerability in GE Vernova Enervista UR 
Setup on Windows allow
 CVE-2026-1571 (User-controlled input is reflected into the HTML output without 
proper ...)
        NOT-FOR-US: TP-Link
 CVE-2026-1507 (The affected products are vulnerable to an uncaught exception 
that cou ...)
-       TODO: check
+       NOT-FOR-US: PI Data Archive PI Server
 CVE-2026-1495 (The vulnerability, if exploited, could allow an attacker with 
Event Lo ...)
-       TODO: check
+       NOT-FOR-US: AVEVA
 CVE-2026-1357 (The Migration, Backup, Staging \u2013 WPvivid Backup & 
Migration plugi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-1235 (The WP eCommerce WordPress plugin through 3.15.1 unserializes 
user inp ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/badc88aa925c4690bc8c856a38e7edddc95c910d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/badc88aa925c4690bc8c856a38e7edddc95c910d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to