HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.3	CVE-2026-12010	CVE-2026-12010_CVE-2026-12010 Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process ...	Google	Chrome 149.0.7827.115	Jun 11, 2026	CVE
HIGH 8.3	CVE-2026-12009	CVE-2026-12009_CVE-2026-12009 Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compr...	Google	Chrome 149.0.7827.115	Jun 11, 2026	CVE
HIGH 8.3	CVE-2026-12008	CVE-2026-12008_CVE-2026-12008 Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to...	Google	Chrome 149.0.7827.115	Jun 11, 2026	CVE
HIGH 8.8	CVE-2026-12007	CVE-2026-12007_CVE-2026-12007 Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML p...	Google	Chrome 149.0.7827.115	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-45170	Idira Privilege Cloud Connector: Potential Security Bypass due to Incomplete TLS Certificate Validation_CVE-2026-45170 Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not...	CyberArk Software, a Palo Alto Networks Company	PAM SH Connector 1.1.0	Jun 12, 2026	CVE
HIGH 8.8	CVE-2026-11933	Post-authentication use-after-free in server-side JavaScript BSON-to-array conversion_CVE-2026-11933 A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An aut...	MongoDB	MongoDB 8.3.0, 8.2.0, 8.0.0, 7.0.0, 6.0, 5.0, 4.4.0	Jun 12, 2026	CVE
HIGH 7	CVE-2026-6250	Authenticated Format String Injection on TP-Link Tapo C110_CVE-2026-6250 An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Extern...	TP-Link Systems Inc.	Tapo C110 v2	Jun 11, 2026	CVE
HIGH 8.5	CVE-2026-45174	Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization_CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initializatio...	CyberArk Software, a Palo Alto Networks Company	Idira Endpoint Privilege Manager 26.0	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-44890	Netty has Unbounded Direct Memory Consumption in its RedisDecoder_CVE-2026-44890 Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and ...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-44250	Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays_CVE-2026-44250 Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and ...	netty	netty >= 4.2.0.Final, < 4.2.15.Final	Jun 11, 2026	CVE