category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-11589	WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload_CVE-2026-11589 The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated use...	Unknown	WP Support Plus Responsive Ticket System	Jun 30, 2026	CVE
MEDIUM 5.9	CVE-2026-11581	Kali Forms < 2.4.13 - Contributor+ Stored XSS via Form Field Caption_CVE-2026-11581 The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it ...	Unknown	Kali Forms — Contact Form & Drag-and-Drop Builder	Jun 30, 2026	CVE
HIGH 7.8	CVE-2025-7406	A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM_CVE-2025-7406 Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privile...	Nokia	MantaRay NM <NM 25R1-NM	Jun 30, 2026	CVE
MEDIUM 6.5	CVE-2025-24816	An Improper Access Control vulnerability in Nokia MantaRay NM_CVE-2025-24816 Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation cou...	Nokia	MantaRay NM <25R2-NM	Jun 30, 2026	CVE
HIGH 7.8	CVE-2025-24815	An unrestricted file upload vulnerability in Nokia MantaRay NM_CVE-2025-24815 Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could a...	Nokia	MantaRay NM <25R2-NM	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-50750	Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270_CVE-2026-50750 Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026...	Apache Software Foundation	Apache ActiveMQ Broker 5.19.7	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-50734	Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation_CVE-2026-50734 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated netw...	Apache Software Foundation	Apache ActiveMQ Client	Jun 30, 2026	CVE
HIGH 8.1	CVE-2026-49877	Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console_CVE-2026-49877 Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in t...	Apache Software Foundation	Apache ActiveMQ	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-57080	Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix_CVE-2026-57080 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix. The peer-wire fram...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE
MEDIUM 5.3	CVE-2026-57079	Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata_CVE-2026-57079 Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplied metadata. Net::BitT...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE