[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri, 20 Feb 2026 01:00:26 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
73645783 by Salvatore Bonaccorso at 2026-02-20T09:59:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107,59 +107,59 @@ CVE-2026-26980 (Ghost is a Node.js content management 
system. Versions 3.24.0 th
 CVE-2026-26977 (Frappe Learning Management System (LMS) is a learning system 
that help ...)
        NOT-FOR-US: Frappe Learning Management System (LMS)
 CVE-2026-26975 (Music Assistant is an open-source media library manager that 
integrate ...)
-       TODO: check
+       NOT-FOR-US: Music Assistant
 CVE-2026-26974 (Slyde is a program that creates animated presentations from 
XML. In ve ...)
-       TODO: check
+       NOT-FOR-US: Slyde
 CVE-2026-26972 (OpenClaw is a personal AI assistant. In versions 2026.1.12 
through 202 ...)
        NOT-FOR-US: OpenClaw
 CVE-2026-26967 (PJSIP is a free and open source multimedia communication 
library writt ...)
        TODO: check
 CVE-2026-26964 (Windmill is an open-source developer platform for internal 
code: APIs, ...)
-       TODO: check
+       NOT-FOR-US: Windmill
 CVE-2026-26963 (Cilium is a networking, observability, and security solution 
with an e ...)
        TODO: check
 CVE-2026-26960 (node-tar is a full-featured Tar for Node.js. When using 
default option ...)
        TODO: check
 CVE-2026-26959 (ADB Explorer is a fluent UI for ADB on Windows. Versions 
0.9.26020 and ...)
-       TODO: check
+       NOT-FOR-US: ADB Explorer
 CVE-2026-26958 (filippo.io/edwards25519 is a Go library implementing the 
edwards25519  ...)
        TODO: check
 CVE-2026-26957 (Libredesk is a self-hosted customer support desk application. 
Versions ...)
-       TODO: check
+       NOT-FOR-US: Libredesk
 CVE-2026-26953 (Pi-hole Admin Interface is a web interface for managing 
Pi-hole, a net ...)
-       TODO: check
+       NOT-FOR-US: Pi-Hole
 CVE-2026-26952 (Pi-hole Admin Interface is a web interface for managing 
Pi-hole, a net ...)
-       TODO: check
+       NOT-FOR-US: Pi-Hole
 CVE-2026-26744 (A user enumeration vulnerability exists in FormaLMS 4.1.18 and 
below i ...)
-       TODO: check
+       NOT-FOR-US: FormaLMS
 CVE-2026-26370 (WordPress Plugin "Survey Maker" versions 5.1.7.7 and prior 
contain a c ...)
-       TODO: check
+       NOT-FOR-US: WordPress Plugin
 CVE-2026-26329 (OpenClaw is a personal AI assistant. Prior to version 
2026.2.14, authe ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26328 (OpenClaw is a personal AI assistant. Prior to version 
2026.2.14, under ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26327 (OpenClaw is a personal AI assistant. Discovery beacons 
(Bonjour/mDNS a ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26326 (OpenClaw is a personal AI assistant. Prior to version 
2026.2.14, `skil ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26325 (OpenClaw is a personal AI assistant. Prior to version 
2026.2.14, a mis ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26324 (OpenClaw is a personal AI assistant. Prior to version 
2026.2.14, OpenC ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26323 (OpenClaw is a personal AI assistant. Versions 2026.1.8 through 
2026.2. ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26322 (OpenClaw is a personal AI assistant. Prior to OpenClaw version 
2026.2. ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26321 (OpenClaw is a personal AI assistant. Prior to OpenClaw version 
2026.2. ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26320 (OpenClaw is a personal AI assistant. OpenClaw macOS desktop 
client reg ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26319 (OpenClaw is a personal AI assistant. Versions 2026.2.13 and 
below allo ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26317 (OpenClaw is a personal AI assistant. Prior to 2026.2.14, 
browser-facin ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26316 (OpenClaw is a personal AI assistant. Prior to 2026.2.13, the 
optional  ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-26315 (go-ethereum (Geth) is a golang execution layer implementation 
of the E ...)
        TODO: check
 CVE-2026-26314 (go-ethereum (geth) is a golang execution layer implementation 
of the E ...)
@@ -169,9 +169,9 @@ CVE-2026-26313 (go-ethereum (geth) is a golang execution 
layer implementation of
 CVE-2026-26312 (Stalwart is a mail and collaboration server. A 
denial-of-service vulne ...)
        TODO: check
 CVE-2026-26286 (SillyTavern is a locally installed user interface that allows 
users to ...)
-       TODO: check
+       NOT-FOR-US: SillyTavern
 CVE-2026-26282 (NanaZip is an open source file archive Starting in version 
5.0.1252.0  ...)
-       TODO: check
+       NOT-FOR-US: NanaZip
 CVE-2026-26275 (httpsig-hyper is a hyper extension for http message 
signatures. An iss ...)
        TODO: check
 CVE-2026-26065 (calibre is a cross-platform e-book manager for viewing, 
converting, ed ...)
@@ -181,7 +181,7 @@ CVE-2026-26064 (calibre is a cross-platform e-book manager 
for viewing, converti
 CVE-2026-24122 (Cosign provides code signing and transparency for containers 
and binar ...)
        TODO: check
 CVE-2026-21535 (Improper access control in Microsoft Teams allows an 
unauthorized atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-1658 (User Interface (UI) Misrepresentation of Critical Information 
vulnerab ...)
        NOT-FOR-US: OpenText
 CVE-2026-1292 (Tanium addressed an insertion of sensitive information into log 
file v ...)
@@ -193,7 +193,7 @@ CVE-2025-8055 (Server-Side Request Forgery (SSRF) 
vulnerability in OpenText\u212
 CVE-2025-8054 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        NOT-FOR-US: OpenText
 CVE-2025-67305 (In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance 
contain ...)
-       TODO: check
+       NOT-FOR-US: RUCKUS
 CVE-2025-59819 (This vulnerability allows authenticated attackers to read an 
arbitrary ...)
        TODO: check
 CVE-2025-30416 (Sensitive data disclosure and manipulation due to missing 
authorizatio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7364578334259cfb9add365ea5b9e5843137033d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7364578334259cfb9add365ea5b9e5843137033d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to