LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.1	CVE-2026-49380	CVE-2026-49380_CVE-2026-49380 In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible	JetBrains	TeamCity	May 29, 2026	CVE
LOW 3.4	CVE-2026-49370	CVE-2026-49370_CVE-2026-49370 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests	JetBrains	YouTrack	May 29, 2026	CVE
LOW 2.3	CVE-2026-34507	OpenClaw < 2026.4.29 - Policy Bypass in QQBot Admin Commands via DM-only and allowFrom Checks_CVE-2026-34507 OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allo...	OpenClaw	OpenClaw	May 29, 2026	CVE
LOW 2.3	CVE-2026-33386	XSS in QuickCMS_CVE-2026-33386 QuickCMS is vulnerable to Cross-Site Scripting (XSS) through its insecure HTTP-based plugin‑fetching mechanism. A malicious attacker can perform a ...	OpenSolution	QuickCMS	May 29, 2026	CVE
LOW 2.3	CVE-2026-32906	OpenClaw < 2026.5.12 - Privilege Escalation in Slack Plugin Approvals via Exec Approver Gate_CVE-2026-32906 OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plug...	OpenClaw	OpenClaw	May 29, 2026	CVE
LOW 2.4	CVE-2026-49318	Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot_CVE-2026-49318 Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacen...	Indian Motorcycle (Polaris Inc.)	Scout Bobber + Tech 2025	May 29, 2026	CVE
LOW 2.4	CVE-2026-49317	Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot_CVE-2026-49317 Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacen...	Indian Motorcycle (Polaris Inc.)	Scout Bobber + Tech 2025	May 29, 2026	CVE
LOW 1	CVE-2026-40528	OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c_CVE-2026-40528 OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the do_key_value() function in src/pkcs15i...	OpenSC	OpenSC	May 29, 2026	CVE
LOW 1	CVE-2026-40510	OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c_CVE-2026-40510 OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in src/libopensc/card-pi...	OpenSC	OpenSC	May 29, 2026	CVE
LOW 2.7	CVE-2026-10078	Quay/config-tool: quay/config-tool: gitlab oauth client_secret exposed in url querystring_CVE-2026-10078 A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes sensitive credentials, specifically client_id and clie...	Red Hat	Red Hat Quay 3	May 29, 2026	CVE