CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-36848	CVE-2026-36848_CVE-2026-36848 Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.	n/a	n/a n/a	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-58000	luci-proto-openvpn – Command Injection via cl_meta Parameter in generateKey_CVE-2026-58000 luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the cl_...	openwrt	luci 0.11.1	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-57999	luci-app-tailscale-community – Command Injection via tailscale.do_login RPC_CVE-2026-57999 luci-app-tailscale-community contains a command injection vulnerability in the tailscale.do_login RPC method that allows authenticated users to exe...	openwrt	luci	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-53428	Unbounded memory allocation in highlight_lines range expansion in mdex_CVE-2026-53428 Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through...	leandrocp	mdex 0.11.0	Jun 29, 2026	CVE
LOW 2.3	CVE-2026-53427	Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute_CVE-2026-53427 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cro...	leandrocp	mdex 0.11.3	Jun 29, 2026	CVE
MEDIUM 6.2	CVE-2026-13757	P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing_CVE-2026-13757 A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_va...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-54889	Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)_CVE-2026-54889 Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL s...	leandrocp	mdex 0.8.3	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-54888	Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex_CVE-2026-54888 Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir ...	leandrocp	mdex 0.3.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-53429	Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service_CVE-2026-53429 Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex_native allows an attacker who controls a rendered docum...	leandrocp	mdex 0.11.0	Jun 29, 2026	CVE
HIGH 8.2	CVE-2026-53426	Atom-table exhaustion denial-of-service via JSON parse_document in MDEx_CVE-2026-53426 Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parse_document/2 accepts a ...	leandrocp	mdex 0.4.3	Jun 29, 2026	CVE