Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 1.2 CVE-2026-10729

HTML injection in the notification email for “Slow Redirect” and “Cloned Website” Canarytokens

An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research ...

Thinkst Applied Research Canarytokens sha-c42435e CVE
LOW 2.3 CVE-2026-50052

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request des...

The Vinyl Cache Project Vinyl Cache 9.0.0 CVE
LOW 2.3 CVE-2026-10705

dask HLL hyperloglog.py nunique_approx resource consumption

A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the com...

n/a dask 3.0 CVE
LOW 1.8 CVE-2026-10717

Open-Seachest/Seachest show SCSI Defect List Vulnerability

Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing ...

N/A N/A 26.03.0 CVE
LOW 1.8 CVE-2026-10719

Open Seachest/Seachest NVMe show Format Descriptors Vulnerability

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 ext...

N/A N/A CVE
LOW 2.1 CVE-2026-48598

CRLF injection in Tesla.Multipart disposition parameters allows multipart part header injection

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Dispositio...

elixir-tesla tesla 0.8.0 CVE
LOW 2.1 CVE-2026-48596

CRLF injection in Tesla.Multipart.add_content_type_param/2 allows HTTP header injection

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in elixir-tesla tesla allows HTTP heade...

elixir-tesla tesla 0.8.0 CVE
LOW 2.3 CVE-2026-35202

Pterodactyl has a database resource limit bypass via race condition in Client API

Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets use...

pterodactyl panel < 1.12.3 CVE
LOW 2.1 CVE-2026-48861

CRLF injection in HTTP/1 request line via unvalidated method in Mint

Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smugg...

elixir-mint mint 0.1.0 CVE
LOW 3.8 CVE-2026-45683

OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl pr...

open-telemetry opentelemetry-ebpf-instrumentation < 0.9.0 CVE