Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.5 CVE-2026-25551

Seagull Software BarTender Deserialization Privilege Escalation via .NET Remoting Service

Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to esca...

Seagull Software, LLC. BarTender 2021 R1 CVE
CRITICAL 9.3 CVE-2026-25550

Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service

Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed...

Seagull Software, LLC. BarTender 2010 CVE
CRITICAL 9.8 CVE-2026-10880

Unauthenticated SQL Injection in Osnexus Quantastor

OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being inco...

Osnexus QuantaStor 5.9 CVE
HIGH 7.5 CVE-2026-10796

nvm executes commands from a malicious Node.js mirror’s version strings

nvm (Node Version Manager) through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Command...

nvm-sh nvm CVE
HIGH 7.1 CVE-2026-41522

Iris has an Improper Authorization issue

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IR...

dfir-iris iris-web < 2.4.28 CVE
HIGH 7.6 CVE-2026-41518

Chartbrew has a stored DOM XSS via Chart Tooltip innerHTML (ChartDatasetConfig.legend)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 th...

chartbrew chartbrew >= 4.9.0, < 5.0.1 CVE
HIGH 8.2 CVE-2026-41249

CoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` Configuration

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1, the GitHub Actions workflow (`.github/workflows/static....

coreshop CoreShop >= 5.0.1, <= 5.1.0-beta.1 CVE
MEDIUM 5.8 CVE-2026-21404

NAVTOR NavBox Use of Hard-coded Credentials

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation (SOAP) implementation. If the S...

NAVTOR NavBox CVE
MEDIUM 6.3 CVE-2026-5066

net: sockets: tls: Potential out-of-bounds write/read in socket_op_vtable::connect function

A potential out-of-bounds write/read exists in the TLS socket connect path of the network sockets subsystem (subsys/net/lib/sockets/sockets_tls.c)....

zephyrproject-rtos Zephyr * CVE
MEDIUM 6.3 CVE-2026-42538

IRIS has an Insecure File Upload

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not ...

dfir-iris iris-web < 2.4.28 CVE