category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8	CVE-2026-48719	Warp branch selector command injection via Git branch names_CVE-2026-48719 Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-48704	Warp Markdown notebook links may open executable local files_CVE-2026-48704 Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...	warpdotdev	warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-48703	Warp: Command Injection via Warp code search tool arguments_CVE-2026-48703 Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...	warpdotdev	warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-44022	Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....	docling-project	docling >= 2.73.0, < 2.91.0	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-44020	Docling: Unsafe XML Entity Expansion in USPTO Patent Backend_CVE-2026-44020 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2....	docling-project	docling >= 2.13.0, < 2.74.0	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-44017	Docling: Unsafe Zip Extraction in EasyOCR Model Download_CVE-2026-44017 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the...	docling-project	docling < 2.91.0	Jun 24, 2026	CVE
HIGH 8.2	CVE-2026-44016	Docling: Unsafe Playwright-based HTML Rendering_CVE-2026-44016 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82...	docling-project	docling >= 2.82.0, < 2.91.0	Jun 24, 2026	CVE
HIGH 7.6	CVE-2025-71361	picklescan – Remote Code Execution via Undetected idlelib.calltip.Calltip.fetch_tip_CVE-2025-71361 picklescan before 0.0.29 fails to detect malicious idlelib.calltip.Calltip.fetch_tip calls in pickle files, allowing remote code execution. Attacke...	picklescan	picklescan	Jun 24, 2026	CVE
MEDIUM 4.2	CVE-2026-57307	CVE-2026-57307_CVE-2026-57307 A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/Read permission to con...	Jenkins Project	Jenkins Zowe zDevOps Plugin	Jun 24, 2026	CVE
MEDIUM 4.2	CVE-2026-57306	CVE-2026-57306_CVE-2026-57306 A cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to connect t...	Jenkins Project	Jenkins Zowe zDevOps Plugin	Jun 24, 2026	CVE