Recent Advisories

| Severity | ID | Title | Summary | Vendor | Product | Date | Type |
|---|---|---|---|---|---|---|---|
| HIGH 7.7 | CVE-2026-8592 | OS Command Injection in Rapid7 InsightConnect AWK Plugin_CVE-2026-8592 | OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arb... | Rapid7 | InsightConnect AWK Plugin | | CVE |
| MEDIUM 5.1 | CVE-2026-49979 | Appsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP Filter_CVE-2026-49979 | Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accept... | appsmithorg | appsmith < 1.99 | | CVE |
| MEDIUM 5.3 | CVE-2026-39897 | Cacti has a Reflected XSS Vulnerability via html_auth_footer_CVE-2026-39897 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the html_aut... | Cacti | cacti < 1.2.31 | | CVE |
| LOW 2.9 | CVE-2026-39894 | Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting_CVE-2026-39894 | Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtoo... | Cacti | cacti < 1.2.31 | | CVE |
| CRITICAL 9.8 | CVE-2026-39893 | Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php_CVE-2026-39893 | Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated int... | Cacti | cacti < 1.2.31 | | CVE |
| HIGH 7.8 | CVE-2026-2050 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability_CVE-2026-2050 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra... | GIMP | GIMP 3.0.6 | | CVE |
| CRITICAL 9.8 | CVE-2026-39938 | Cacti: Unauthenticated RCE on Graph Image_CVE-2026-39938 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdt... | Cacti | cacti < 1.2.31 | | CVE |
| MEDIUM 5.3 | CVE-2026-39900 | Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context_CVE-2026-39900 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in ... | Cacti | cacti < 1.2.31 | | CVE |
| MEDIUM 6.9 | CVE-2026-39899 | Cacti: Path Traversal via filename parameter in package_import.php_CVE-2026-39899 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename paramet... | Cacti | cacti < 1.2.31 | | CVE |
| CRITICAL 9.8 | CVE-2026-39955 | Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php_CVE-2026-39955 | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored ... | Cacti | cacti < 1.2.31 | | CVE |