category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.4	CVE-2026-13318	Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip_CVE-2026-13318 A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a Virtua...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 25, 2026	CVE
MEDIUM 4.2	CVE-2026-13218	Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher_CVE-2026-13218 A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.W...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 25, 2026	CVE
MEDIUM 6.9	CVE-2026-13083	Pen-drive: pen-drive: stored xss via unescaped cluster data in html report_CVE-2026-13083 A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An ...	Red Hat	Pen Drive Powered by Red Hat Lightspeed	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-12993	Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset_CVE-2026-12993 A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE dec...	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
LOW 3.8	CVE-2026-13322	Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service_CVE-2026-13322 A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buff...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 26, 2026	CVE
MEDIUM 6	CVE-2026-6731	X.509 name constraint bypass via Subject CN treated as a DNS name_CVE-2026-6731 X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's D...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
LOW 1	CVE-2026-6681	PKCS#7 decode ignores caller output buffer size, writing past buffer bounds_CVE-2026-6681 The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the pro...	wolfSSL	wolfSSL 3.10.0	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-6679	DTLS 1.3 ACK serialization heap buffer overflow via integer truncation_CVE-2026-6679 A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due ...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
LOW 1	CVE-2026-6678	Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info_CVE-2026-6678 Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption.	wolfSSL	wolfSSL 3.15.5	Jun 25, 2026	CVE
LOW 1	CVE-2026-6450	CRL critical extension bypass in ParseCRL_Extensions_CVE-2026-6450 A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an u...	wolfSSL	wolfSSL 4.3.0	Jun 25, 2026	CVE