category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-54104	U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-54103	U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
LOW 1.8	CVE-2026-48617	CVE-2026-48617_CVE-2026-48617 A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confidentialit...	nodejs	node 22.22.3	Jun 18, 2026	CVE
HIGH 7.5	CVE-2026-38718	CVE-2026-38718_CVE-2026-38718 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38717	CVE-2026-38717_CVE-2026-38717 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38716	CVE-2026-38716_CVE-2026-38716 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38715	CVE-2026-38715_CVE-2026-38715 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38714	CVE-2026-38714_CVE-2026-38714 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
MEDIUM 5.1	CVE-2026-11982	Stored XSS via missing XSS safety check in Admin2 Pages API partial validation_CVE-2026-11982 Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14 contains a stored cross-site scripting (XSS) vulnerability in the Admin2 Pages API save flow.	Grav	grav-plugin-api 1.7.52	Jun 18, 2026	CVE
HIGH 7.5	CVE-2025-53114	CometD has acknowledgement extension out of memory_CVE-2025-53114 CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0....	cometd	cometd >= 5.0.0, < 5.0.23	Jun 18, 2026	CVE