category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-10702	JIT miscompilation in the JavaScript Engine: JIT component_CVE-2026-10702 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.	Mozilla	Firefox 151.0.3	Jun 2, 2026	CVE
HIGH 7.5	CVE-2026-42504	Quadratic complexity in WordDecoder.DecodeHeader in mime_CVE-2026-42504 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU.	Go standard library	mime	Jun 2, 2026	CVE
MEDIUM 6.1	CVE-2026-6657	CORS Origin Validation Bypass in jupyter-server_CVE-2026-6657 A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the `allow_origin_pat` co...	jupyter	jupyter/jupyter unspecified	Jun 3, 2026	CVE
HIGH 7	CVE-2026-44281	GLPI vulnerable to unauthorized reading of a specific asset object_CVE-2026-44281 GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user w...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
HIGH 8.4	CVE-2026-42321	GLPI has stored XSS in asset locks_CVE-2026-42321 GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS pay...	glpi-project	glpi >= 10.0.4, < 10.0.25	Jun 3, 2026	CVE
MEDIUM 5.9	CVE-2026-42320	GLPI vulnerable to arbitrary file access_CVE-2026-42320 GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read a...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
HIGH 7	CVE-2026-42318	GLPI Vulnerable to Arbitrary Item Deletion via Planning Endpoint_CVE-2026-42318 GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users wi...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
HIGH 7	CVE-2026-42317	GLPI vulnerable to arbitrary files deletion by technician_CVE-2026-42317 GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-3276	Potential DoS via quadratic complexity in unicodedata.normalize()_CVE-2026-3276 unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters wi...	Python Software Foundation	CPython	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-35716	CVE-2026-35716_CVE-2026-35716 A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE