Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6 CVE-2026-8664

OS Command Injection in Rapid7 InsightConnect Finger Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands ...

Rapid7 InsightConnect Finger Plugin CVE
HIGH 7.7 CVE-2026-8660

OS Command Injection in Rapid7 InsightConnect Ping Plugin

OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS...

Rapid7 InsightConnect Ping Plugin CVE
HIGH 7.7 CVE-2026-8592

OS Command Injection in Rapid7 InsightConnect AWK Plugin

OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arb...

Rapid7 InsightConnect AWK Plugin CVE
MEDIUM 5.1 CVE-2026-49979

Appsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP Filter

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accept...

appsmithorg appsmith < 1.99 CVE
MEDIUM 5.3 CVE-2026-39897

Cacti has a Reflected XSS Vulnerability via html_auth_footer

Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the html_aut...

Cacti cacti < 1.2.31 CVE
LOW 2.9 CVE-2026-39894

Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting

Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtoo...

Cacti cacti < 1.2.31 CVE
CRITICAL 9.8 CVE-2026-39893

Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php

Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated int...

Cacti cacti < 1.2.31 CVE
HIGH 7.8 CVE-2026-2050

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra...

GIMP GIMP 3.0.6 CVE
CRITICAL 9.8 CVE-2026-39938

Cacti: Unauthenticated RCE on Graph Image

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdt...

Cacti cacti < 1.2.31 CVE
MEDIUM 5.3 CVE-2026-39900

Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in ...

Cacti cacti < 1.2.31 CVE