LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.8	CVE-2026-22014	CVE-2026-22014_CVE-2026-22014 {“lastseen”:””,”description”:””,”published”:”2026-04-21T20:35:09.266Z”,&#82...	Oracle Corporation	Oracle User Management 12.2.7	Apr 21, 2026	CVE
LOW 3.7	CVE-2026-22008	CVE-2026-22008_CVE-2026-22008 {“lastseen”:””,”description”:””,”published”:”2026-04-21T20:35:05.513Z”,&#82...	Oracle Corporation	Oracle Java SE 25.0.1	Apr 21, 2026	CVE
LOW 2.9	CVE-2026-22007	CVE-2026-22007_CVE-2026-22007 {“lastseen”:””,”description”:””,”published”:”2026-04-21T20:35:04.885Z”,&#82...	Oracle Corporation	Oracle Java SE 8u481	Apr 21, 2026	CVE
LOW 2.7	CVE-2026-22001	CVE-2026-22001_CVE-2026-22001 {“lastseen”:””,”description”:””,”published”:”2026-04-21T20:35:00.375Z”,&#82...	Oracle Corporation	MySQL Server 8.0.0	Apr 21, 2026	CVE
LOW 3.3	CVE-2026-29179	October: Editor Sub-Permission Bypass for Asset and Blueprint File Operations_CVE-2026-29179 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and bluepri...	octobercms	october >= 4.0.0, < 4.1.16	Apr 21, 2026	CVE
LOW 3.1	CVE-2026-27937	October: Reflected XSS via DataTable Form Widget_CVE-2026-27937 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, a reflected Cross-Site Scripting (XSS) vulnerability was...	octobercms	october >= 4.0.0, < 4.1.16	Apr 21, 2026	CVE
LOW 3.7	CVE-2026-40279	BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`_CVE-2026-40279 BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c recons...	bacnet-stack	bacnet-stack < 1.4.3	Apr 21, 2026	CVE
LOW 3.7	CVE-2025-31958	HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling_CVE-2025-31958 HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requ...	HCLSoftware	BigFix Service Management (SM) 23	Apr 21, 2026	CVE
LOW 3.2	CVE-2026-31369	Privilege Bypass in PcManager_CVE-2026-31369 PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability	Honor	PcManager 1.0.0.2	Apr 21, 2026	CVE
LOW 2	CVE-2026-40264	OpenBao’s Token Store Allows Cross-Namespace Renewal, Revocation_CVE-2026-40264 OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a...	openbao	openbao < 2.5.3	Apr 21, 2026	CVE