category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9	CVE-2026-45406	Dokku: Host RCE via Maliciously Named OpenResty Include Files Injected Through eval_CVE-2026-45406 Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository dir...	dokku	dokku < 0.38.2	Jun 26, 2026	CVE
CRITICAL 9	CVE-2026-45405	Dokku: Arbitrary File Write via Tar Symlink Traversal in git:from-archive and certs:add_CVE-2026-45405 Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary ...	dokku	dokku < 0.38.2	Jun 26, 2026	CVE
MEDIUM 5	CVE-2026-28385	SSRF via image import from URL allows internal network probing by authenticated users_CVE-2026-28385 In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery (SSRF) vulnerability in the image import functionality allows authenticat...	Canonical	lxd 6.0	Jun 26, 2026	CVE
MEDIUM 4.9	CVE-2026-13434	Virt-controller-rhel9: kubevirt: kubevirt: multus default-network annotation injection via unvalidated tenant networkname when externalnetresourceinjection is enabled_CVE-2026-13434 A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, th...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-11779	PayloadCMS 3.84.1 – Authenticated account lockout bypass through default unlock access_CVE-2026-11779 An Improper Authorization vulnerability exists in PayloadCMS version 3.84.1 due to insufficient access control on the account unlock operation.	PayloadCMS	PayloadCMS 3.84.1	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-32423	AutoGPT: There is a DoS vulnerability in ExtractTextInformationBlock_CVE-2025-32423 AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there i...	Significant-Gravitas	AutoGPT < 0.6.32	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-32394	AutoGPT: There is a DoS vulnerability in AITextSummarizerBlock_CVE-2025-32394 AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there i...	Significant-Gravitas	AutoGPT < 0.6.32	Jun 26, 2026	CVE
MEDIUM 6.1	CVE-2025-60465	CVE-2025-60465_CVE-2025-60465 A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to caus...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.8	CVE-2025-60464	CVE-2025-60464_CVE-2025-60464 A use-after-free in the gf_sei_load_from_state_internal function (/filters/sei_load.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to ca...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-38640	CVE-2026-38640_CVE-2026-38640 A reachable unwrap in the __assert_fail function (/assert/mod.rs) of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a...	n/a	n/a n/a	Jun 25, 2026	CVE