category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	CVE-2026-56242	Capgo – Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC_CVE-2026-56242 Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for suppli...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.2	CVE-2026-56239	Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage_CVE-2026-56239 Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which pe...	Capgo	Capgo	Jun 21, 2026	CVE
MEDIUM 6.8	CVE-2026-56236	Capgo CLI – Arbitrary File Overwrite via Symlink-Following in Local Credential Operations_CVE-2026-56236 Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without ...	capgo	cli	Jun 21, 2026	CVE
HIGH 7.1	CVE-2026-56229	Capgo – Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs_CVE-2026-56229 Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71378	picklescan – Remote Code Execution via Undetected cProfile.runctx in Pickle Files_CVE-2025-71378 picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71357	picklescan – Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand_CVE-2025-71357 picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers c...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71351	picklescan – Remote Code Execution via timeit.timeit() Detection Bypass_CVE-2025-71351 picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. ...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71348	picklescan – Arbitrary Code Execution via torch.utils._config_module.load_config Bypass_CVE-2025-71348 picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. ...	picklescan	picklescan	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-12795	BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication_CVE-2026-12795 A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints...	BerriAI	litellm 1.82.0	Jun 21, 2026	CVE
MEDIUM 5.1	CVE-2026-12789	ILIAS Learning Management System Learning Progress Tracking class.ilTrQuery.php executeQueries sql injection_CVE-2026-12789 A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file comp...	ILIAS	Learning Management System 11.0	Jun 21, 2026	CVE