category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.6	CVE-2025-71357	picklescan – Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand_CVE-2025-71357 picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers c...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71351	picklescan – Remote Code Execution via timeit.timeit() Detection Bypass_CVE-2025-71351 picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. ...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71348	picklescan – Arbitrary Code Execution via torch.utils._config_module.load_config Bypass_CVE-2025-71348 picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. ...	picklescan	picklescan	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-12795	BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication_CVE-2026-12795 A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints...	BerriAI	litellm 1.82.0	Jun 21, 2026	CVE
MEDIUM 5.1	CVE-2026-12789	ILIAS Learning Management System Learning Progress Tracking class.ilTrQuery.php executeQueries sql injection_CVE-2026-12789 A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file comp...	ILIAS	Learning Management System 11.0	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-12788	zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 XML Parser import xml external entity reference_CVE-2026-12788 A vulnerability was determined in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affe...	zhilink 智互联(深圳)科技有限公司	ADP Application Developer Platform 应用开发者平台 1.0.0	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-12787	zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 testConnection Endpoint deserialization_CVE-2026-12787 A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This affects an unknown part...	zhilink 智互联(深圳)科技有限公司	ADP Application Developer Platform 应用开发者平台 1.0.0	Jun 21, 2026	CVE
HIGH 8.5	CVE-2026-12786	Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control_CVE-2026-12786 A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the libra...	Ezbsystems	UltraISO Premium Edition 9.0	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-12799	BerriAI litellm Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization_CVE-2026-12799 A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litell...	BerriAI	litellm 1.82.0	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-12798	BerriAI litellm MCP OpenAPI Spec Loader openapi_to_mcp_generator.py load_openapi_spec_async server-side request forgery_CVE-2026-12798 A weakness has been identified in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function load_openapi_spec_async of the file ...	BerriAI	litellm 1.82.0	Jun 21, 2026	CVE