HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-50010	Netty’s wrapping plain trust manager silently disables hostname verification_CVE-2026-50010 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleT...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 12, 2026	CVE
HIGH 7.5	CVE-2026-48748	Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion_CVE-2026-48748 Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulner...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-48059	Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion_CVE-2026-48059 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAP...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-48006	Netty’s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator_CVE-2026-48006 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the Red...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-47691	Netty has Insufficient Bailiwick Validation for NS Records_CVE-2026-47691 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 12, 2026	CVE
HIGH 8.8	CVE-2026-45832	CVE-2026-45832_CVE-2026-45832 All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers...	Chroma	ChromaDB 0.5.0	Jun 12, 2026	CVE
HIGH 8.8	CVE-2026-45831	CVE-2026-45831_CVE-2026-45831 The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds...	Chroma	ChromaDB 0.5.0	Jun 12, 2026	CVE
HIGH 8.8	CVE-2026-45830	CVE-2026-45830_CVE-2026-45830 A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, wr...	Chroma	ChromaDB 0.4.17	Jun 12, 2026	CVE
HIGH 7.7	CVE-2026-40677	CVE-2026-40677_CVE-2026-40677 The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to ...	AMD	AMD Management Console (AMC) 14.0.0	Jun 12, 2026	CVE
HIGH 7.8	505F1E52-4323-	Exploit for CVE-2022-38694_505F1E52-4323-5C51-843E-6F1628F070BF ZTE Blade X1001 — Root con Magisk Android 15, Unisoc UMS9230 ⚠️ ADVERTENCIA: Rootear un dispositivo puede anular la garantía, brickear el dispositi...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT