category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.4	CVE-2026-44089	Buffer Overflow in Totolink EX1200L router_CVE-2026-44089 Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be ex...	Totolink	EX1200L 9.3.5u.6146_B20201023	Jun 23, 2026	CVE
MEDIUM 6.1	CVE-2026-10857	Reflected XSS in Akinsoft’s e-Commerce_CVE-2026-10857 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in AKIN Software Computer Import Export Industry...	AKIN Software Computer Import Export Industry and Trade Ltd.	e-Commerce	Jun 23, 2026	CVE
HIGH 8.8	CVE-2026-10711	RCE in Akınsoft’s CafePlus_CVE-2026-10711 Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessin...	AKIN Software Computer Import Export Industry and Trade Ltd.	CafePlus 12.05.03	Jun 23, 2026	CVE
HIGH 7.6	CVE-2025-71376	picklescan – Arbitrary Code Execution via Undetected idlelib.autocomplete.AutoComplete.fetch_completions_CVE-2025-71376 picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_completions in reduce methods. Attack...	picklescan	picklescan	Jun 23, 2026	CVE
HIGH 7.6	CVE-2025-71370	picklescan – Remote Code Execution via torch.jit.unsupported_tensor_ops.execWrapper_CVE-2025-71370 picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls embedded in pickle files. Attackers ...	picklescan	picklescan	Jun 23, 2026	CVE
HIGH 7.6	CVE-2025-71365	picklescan – Arbitrary Code Execution via numpy.f2py.crackfortran.myeval Detection Bypass_CVE-2025-71365 picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Atta...	picklescan	picklescan	Jun 23, 2026	CVE
HIGH 7.6	CVE-2025-71341	picklescan – Remote Code Execution via Undetected profile.Profile.runctx_CVE-2025-71341 picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected ma...	picklescan	picklescan	Jun 23, 2026	CVE
HIGH 8.7	CVE-2025-71337	Flowise – Unverified Email Change via Account Profile Endpoint_CVE-2025-71337 Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the...	Flowise	Flowise	Jun 23, 2026	CVE
MEDIUM 4.1	CVE-2026-4983	CVE-2026-4983_CVE-2026-4983 Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml withou...	Eclipse Foundation	Eclipse Open VSX 0.1.0	Jun 23, 2026	CVE
CRITICAL 9	CVE-2026-11374	Account Takeover via Predictable SSO Ticket Generation_CVE-2026-11374 In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that sessi...	zohocorp	manageengine_adselfservice_plus	Jun 23, 2026	CVE