Just would like to add a quick note about these suddenly disappeared zabbix CVEs. All of these were LLM-enriched CVEs, and they lack CPE with both NIST and MITRE. Though they are associated with the correct recipe, they are not interesting for one reason or another, and they won't appear in future reports. Below you can find the justification. (Same goes for Kirkstone)
On 12/29/25 13:05, Gyorgy Sarvari via lists.openembedded.org wrote: > Removed this week (4): > > - zabbix: CVE-2025-27232: https://nvd.nist.gov/vuln/detail/CVE-2025-27232 This CVE affects only Zabbix 7.4, as it is confirmed by upstream, and no other versions. (Kirkstone is using 5.4, Scarthgap is on 6.2) > - zabbix: CVE-2025-27234: https://nvd.nist.gov/vuln/detail/CVE-2025-27234 This affects only Zabbix 5.0. > - zabbix: CVE-2025-27237: https://nvd.nist.gov/vuln/detail/CVE-2025-27237 This is a Windows only issue. > - zabbix: CVE-2025-49642: https://nvd.nist.gov/vuln/detail/CVE-2025-49642 > This vulnerability is only for AIX.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122979): https://lists.openembedded.org/g/openembedded-devel/message/122979 Mute This Topic: https://lists.openembedded.org/mt/116982774/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
