HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-49991	RustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injection_CVE-2026-49991 RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.4, authenticated users with only PutObject permission on their own bucke...	rustfs	rustfs 1.0.0-beta.4	Jun 26, 2026	CVE
HIGH 8.7	CVE-2026-32833	Cudy LT300 3.0 OS Command Injection via NTP Configuration_CVE-2026-32833 Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execu...	Shenzhen Cudy Technology Co., Ltd.	LT300 3.0	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-54353	Budibase: Potential SSRF DNS rebinding bypass in outbound fetch validation_CVE-2026-54353 Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist...	Budibase	budibase < 3.39.9	Jun 26, 2026	CVE
HIGH 8.2	CVE-2026-54351	Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override_CVE-2026-54351 Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full ...	Budibase	budibase < 3.39.9	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-52885	Notepad++ TOCTOU: HMAC Checks Disk, Executes from Memory_CVE-2026-52885 Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the momen...	notepad-plus-plus	notepad-plus-plus < 8.9.6.4	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-52884	Notepad++: CVE-2026-48800 Bypass_CVE-2026-52884 Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory() does NOT canonicalize the path before checking. It uses...	notepad-plus-plus	notepad-plus-plus = 8.9.6.1	Jun 26, 2026	CVE
HIGH 8.2	CVE-2026-50137	Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials_CVE-2026-50137 Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id (app_...) and an S3-...	Budibase	budibase < 3.39.0	Jun 26, 2026	CVE
HIGH 7.4	CVE-2026-50136	Budibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentials_CVE-2026-50136 Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObje...	Budibase	budibase < 3.39.3	Jun 26, 2026	CVE
HIGH 7.3	CVE-2026-50132	Budibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in Budibase_CVE-2026-50132 Budibase is an open-source low-code platform. Prior to 3.39.0, `GET /api/chat-links/:instance/:token/handoff` is a public endpoint (no auth require...	Budibase	budibase < 3.39.0	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-48800	Notepad++: Arbitrary Code Execution via shortcuts.xml UserCommand Injection_CVE-2026-48800 Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::value(a...	notepad-plus-plus	notepad-plus-plus < 8.9.6.1	Jun 26, 2026	CVE