category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2026-7656	Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expr...	zephyrproject	zephyr 1.14.0	Jun 29, 2026	CVE
HIGH 7.8	CVE-2026-49416	Integer overflow in vt(4) CONS_HISTORY ioctl_CVE-2026-49416 The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 27, 2026	CVE
HIGH 7.5	CVE-2026-36848	CVE-2026-36848_CVE-2026-36848 Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.	n/a	n/a n/a	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-58000	luci-proto-openvpn – Command Injection via cl_meta Parameter in generateKey_CVE-2026-58000 luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the cl_...	openwrt	luci 0.11.1	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-57999	luci-app-tailscale-community – Command Injection via tailscale.do_login RPC_CVE-2026-57999 luci-app-tailscale-community contains a command injection vulnerability in the tailscale.do_login RPC method that allows authenticated users to exe...	openwrt	luci	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-53428	Unbounded memory allocation in highlight_lines range expansion in mdex_CVE-2026-53428 Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through...	leandrocp	mdex 0.11.0	Jun 29, 2026	CVE
LOW 2.3	CVE-2026-53427	Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute_CVE-2026-53427 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cro...	leandrocp	mdex 0.11.3	Jun 29, 2026	CVE
MEDIUM 6.2	CVE-2026-13757	P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing_CVE-2026-13757 A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_va...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-54889	Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)_CVE-2026-54889 Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL s...	leandrocp	mdex 0.8.3	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-54888	Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex_CVE-2026-54888 Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir ...	leandrocp	mdex 0.3.0	Jun 29, 2026	CVE