LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.5	CVE-2026-9060	Agile Store Locator < 1.6.6 - Admin+ Stored XSS via map_style_CVE-2026-9060 The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store L...	Unknown	Store Locator WordPress	Jun 10, 2026	CVE
LOW 2.3	CVE-2026-29114	CVE-2026-29114_CVE-2026-29114 A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted...	Dahua	IPC Some IPC models are affected, specifically those with a build date before April 15, 2026.	Jun 10, 2026	CVE
LOW 3.7	CVE-2026-41694	SAML Payloads Decrypted Without Valid Signature_CVE-2026-41694 Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signatu...	Spring	Spring Security 5.7.0	Jun 9, 2026	CVE
LOW 2.1	CVE-2026-46546	Frappe LMS: HTML injection in user-controlled metadata_CVE-2026-46546 Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated us...	frappe	lms < 2.53.0	Jun 9, 2026	CVE
LOW 3.7	CVE-2026-42770	FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup members...	OpenSSL	OpenSSL 4.0.0	Jun 9, 2026	CVE
LOW 3.7	CVE-2026-42768	Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()_CVE-2026-42768 Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CM...	OpenSSL	OpenSSL 4.0.0	Jun 9, 2026	CVE
LOW 3.5	CVE-2026-48289	Adobe Experience Manager \| Improper Input Validation (CWE-20)_CVE-2026-48289 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result...	Adobe	Adobe Experience Manager	Jun 9, 2026	CVE
LOW 3.5	CVE-2026-48288	Adobe Experience Manager \| Improper Input Validation (CWE-20)_CVE-2026-48288 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result...	Adobe	Adobe Experience Manager	Jun 9, 2026	CVE
LOW 3.9	CVE-2026-45642	Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability_CVE-2026-45642 {“lastseen”:””,”description”:””,”published”:”2026-06-09T17:04:52.299Z”,&#82...	Microsoft	Windows 10 Version 1607 10.0.14393.0	Jun 9, 2026	CVE
LOW 3.3	CVE-2026-45485	Microsoft Office Information Disclosure Vulnerability_CVE-2026-45485 {“lastseen”:””,”description”:””,”published”:”2026-06-09T17:04:25.336Z”,&#82...	Microsoft	Microsoft 365 Apps for Enterprise 16.0.1	Jun 9, 2026	CVE