[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 18 May 2026 12:32:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d6640c4c by Salvatore Bonaccorso at 2026-05-18T21:32:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,11 +6,11 @@ CVE-2026-8836 (A vulnerability was found in lwIP up to 2.2.1. 
Affected is the fu
        NOTE: https://savannah.nongnu.org/bugs/?68194
        NOTE: 
https://cgit.git.savannah.gnu.org/cgit/lwip.git/commit/?id=0c957ec03054eb6c8205e9c9d1d05d90ada3898c
 CVE-2026-8803 (A flaw has been found in opensourcepos Open Source Point of 
Sale up to ...)
-       TODO: check
+       NOT-FOR-US: opensourcepos Open Source Point of Sale
 CVE-2026-8802 (A vulnerability was detected in opensourcepos Open Source Point 
of Sal ...)
-       TODO: check
+       NOT-FOR-US: opensourcepos Open Source Point of Sale
 CVE-2026-7498 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: DernekWeb
 CVE-2026-7304 (SGLangs multimodal generation runtime is vulnerable to 
unauthenticated ...)
        TODO: check
 CVE-2026-7302 (SGLangs multimodal generation runtime is vulnerable to an 
unauthentica ...)
@@ -18,7 +18,7 @@ CVE-2026-7302 (SGLangs multimodal generation runtime is 
vulnerable to an unauthe
 CVE-2026-7301 (SGLangs multimodal generation runtime scheduler's ROUTER socket 
binds  ...)
        TODO: check
 CVE-2026-6902 (A vulnerability in Command-Line Client in P4 Server prior to 
the 2025. ...)
-       TODO: check
+       NOT-FOR-US: Command-Line Client in P4 Server
 CVE-2026-6347 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 
11.4.x <= 1 ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-6346 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 
11.4.x <= 1 ...)
@@ -28,9 +28,9 @@ CVE-2026-6345 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x 
<= 10.11.13, 11.4.x
 CVE-2026-6343 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 
11.4.x <= 1 ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-6342 (Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 
fail to ap ...)
-       TODO: check
+       NOT-FOR-US: Mattermost Plugins
 CVE-2026-6341 (Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 
fail to ha ...)
-       TODO: check
+       NOT-FOR-US: Mattermost Plugins
 CVE-2026-6340 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 
11.4.x <= 1 ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-6339 (Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to 
validat ...)
@@ -68,15 +68,15 @@ CVE-2026-45230 (DumbAssets through 1.0.11 contains a path 
traversal vulnerabilit
 CVE-2026-42822 (Improper authentication in Azure Local Disconnected Operations 
allows  ...)
        NOT-FOR-US: Microsoft
 CVE-2026-41949 (Dify version 1.14.1 and prior contain an authorization bypass 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Dify
 CVE-2026-41948 (Dify version 1.14.1 and prior contain a path traversal 
vulnerability t ...)
-       TODO: check
+       NOT-FOR-US: Dify
 CVE-2026-41947 (Dify version 1.14.1 and prior contains an authorization bypass 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Dify
 CVE-2026-41119 (Dell Live Optics Windows and Personal Edition collectors 
contain an im ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-41085 (Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a 
privile ...)
-       TODO: check
+       NOT-FOR-US: Thermo Fisher Scientific Torrent Suite Dx
 CVE-2026-3637 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 
11.4.x <= 1 ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-3495 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail 
to esca ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6640c4c54a3cb9506b3c277872cc01ee2cb428f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6640c4c54a3cb9506b3c277872cc01ee2cb428f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to