category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.7	CVE-2026-50184	Angular: Request Credential & Cache Policy Stripping in Angular Service Worker_CVE-2026-50184 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-rc.2	Jun 22, 2026	CVE
HIGH 8.2	CVE-2026-50171	Angular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)_CVE-2026-50171 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-rc.2	Jun 22, 2026	CVE
HIGH 8.2	CVE-2026-50170	Angular: Information Leak via Default Caching of Credentialed Requests in HttpTransferCache_CVE-2026-50170 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-rc.2	Jun 22, 2026	CVE
MEDIUM 5.7	CVE-2026-50169	Angular Service Worker Policy-Bypass & Credential-Stripping Vulnerabilities_CVE-2026-50169 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-rc.2	Jun 22, 2026	CVE
HIGH 8.8	CVE-2026-50168	Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass_CVE-2026-50168 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-rc.2	Jun 22, 2026	CVE
LOW 3.2	CVE-2026-49356	Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core_CVE-2026-49356 Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a so...	babel	babel >= 8.0.0-alpha.0, < 8.0.0-rc.5	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-48712	protobufjs: Denial of service through unbounded Any expansion during JSON conversion_CVE-2026-48712 protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit w...	protobufjs	protobuf.js < 7.6.1	Jun 22, 2026	CVE
HIGH 8.8	CVE-2026-46417	Angular: SSRF via Hostname Hijacking in @angular/platform-server_CVE-2026-46417 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0, < 22.0.0-next.12	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-42127	Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler_CVE-2026-42127 The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive mem...	Grafana	Grafana Enterprise	Jun 22, 2026	CVE
HIGH 8.3	CVE-2026-12249	Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment_CVE-2026-12249 An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services (AD CS) certificate auto...	N/A	N/A 0.13.0	Jun 22, 2026	CVE