HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.2	CVE-2026-50137	Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials_CVE-2026-50137 Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id (app_...) and an S3-...	Budibase	budibase < 3.39.0	Jun 26, 2026	CVE
HIGH 7.4	CVE-2026-50136	Budibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentials_CVE-2026-50136 Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObje...	Budibase	budibase < 3.39.3	Jun 26, 2026	CVE
HIGH 7.3	CVE-2026-50132	Budibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in Budibase_CVE-2026-50132 Budibase is an open-source low-code platform. Prior to 3.39.0, `GET /api/chat-links/:instance/:token/handoff` is a public endpoint (no auth require...	Budibase	budibase < 3.39.0	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-48800	Notepad++: Arbitrary Code Execution via shortcuts.xml UserCommand Injection_CVE-2026-48800 Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::value(a...	notepad-plus-plus	notepad-plus-plus < 8.9.6.1	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-48778	Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter_CVE-2026-48778 Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value() (Parameters.cpp:6430) a...	notepad-plus-plus	notepad-plus-plus < 8.9.6.1	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-46710	Notepad++: Privilege Escalation in the Installer via Uncontrolled Executable Search Path_CVE-2026-46710 Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in th...	notepad-plus-plus	notepad-plus-plus >= 8.9.4, < 8.9.6	Jun 26, 2026	CVE
HIGH 8.7	CVE-2026-55069	Kestra BasicAuth Password Stored as SHA-512 Enables Offline Brute-Force Attack_CVE-2026-55069 Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component...	kestra-io	kestra < 1.3.24	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-49984	Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)_CVE-2026-49984 Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-suppli...	kestra-io	kestra < 1.0.45	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-45807	Kestra: Path traversal via URL-encoded “%2E%2E” in execution and namespace file endpoints allows arbitrary file read_CVE-2026-45807 Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from...	kestra-io	kestra < 1.0.43	Jun 26, 2026	CVE
HIGH 8.3	MS:CVE-2026-13025	Chromium: CVE-2026-13025 Insufficient validation of untrusted input in DevTools_MS:CVE-2026-13025 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE