LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2026-13513	MyScale MyScaleDB SegmentId.h getCacheKey data authenticity_CVE-2026-13513 A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library...	MyScale	MyScaleDB 1.0	Jun 28, 2026	CVE
LOW 2.3	CVE-2026-13507	volcengine OpenViking Local VectorDB Primary-key Label str_to_uint64.py str_to_uint64 data authenticity_CVE-2026-13507 A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function str_to_uint64 of the file openviking/storage/vectordb...	volcengine	OpenViking 0.3.0	Jun 28, 2026	CVE
LOW 2	CVE-2026-13502	antlr ANTLR4 Maven Plugin GrammarDependencies.java ObjectInputStream.readObject toctou_CVE-2026-13502 A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main...	antlr	ANTLR4 4.13.0	Jun 28, 2026	CVE
LOW 2.3	CVE-2026-13489	78 xiaozhi-esp32 MCP Response mcp_server.cc ParseMessage improper synchronization_CVE-2026-13489 A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcp_server.cc ...	78	xiaozhi-esp32 2.2.0	Jun 28, 2026	CVE
LOW 2.3	CVE-2026-13493	AIDC-AI ComfyUI-Copilot Workflow Checkpoint Restore conversation_api.py resource injection_CVE-2026-13493 A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversati...	AIDC-AI	ComfyUI-Copilot 2.0.0	Jun 28, 2026	CVE
LOW 2.3	CVE-2026-13484	MLflow Experiment-scoped Label Schema CRUD API authorization_CVE-2026-13484 A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the compone...	n/a	MLflow 4666cffc7912ea606d592fc38d6a75e2935f65e7	Jun 28, 2026	CVE
LOW 2.3	CVE-2026-13483	arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity_CVE-2026-13483 A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encr...	arc53	DocsGPT 0.1	Jun 28, 2026	CVE
LOW 3.3	CVE-2026-58052	7-Zip – Mark-of-the-Web Bypass via RAR5 Alternate Data Stream Name Collision_CVE-2026-58052 7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an ...	7-Zip	7-Zip	Jun 28, 2026	CVE
LOW 3.1	MS:CVE-2026-12032	Chromium: CVE-2026-12032 Inappropriate implementation Passwords_MS:CVE-2026-12032 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
LOW 2.3	CVE-2026-47206	Dragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer_CVE-2026-47206 Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis...	dragonflydb	dragonfly < 1.38.9	Jun 26, 2026	CVE