HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.6	CVE-2026-48599	Authorization bypass via path binding override in elixir-grpc/grpc HTTP transcoding_CVE-2026-48599 Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources bel...	elixir-grpc	grpc 0.8.0	Jun 15, 2026	CVE
HIGH 7.8	CVE-2026-48723	BrowserStack Cypress CL: Command Injection via cypress_config_file leads to arbitrary code execution through malicious browserstack.json_CVE-2026-48723 The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable...	browserstack	browserstack-cypress-cli < 1.36.6	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-9262	CVE-2026-9262_CVE-2026-9262 Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
HIGH 7.6	CVE-2026-9261	CVE-2026-9261_CVE-2026-9261 Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-9259	CVE-2026-9259_CVE-2026-9259 Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-9258	CVE-2026-9258_CVE-2026-9258 Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
HIGH 7.8	CVE-2026-41158	GPU DDK – Backed sparse PMRs are not handled by deferred free mechanism after shrink_CVE-2026-41158 Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory all...	Imagination Technologies	Graphics DDK 1.18 RTM	Jun 12, 2026	CVE
HIGH 8.8	CVE-2026-34195	GPU DDK – Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes_CVE-2026-34195 Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel....	Imagination Technologies	Graphics DDK 1.18 RTM	Jun 12, 2026	CVE
HIGH 7.8	CVE-2025-56814	CVE-2025-56814_CVE-2025-56814 A code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metach...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-52702	WordPress SEO Redirection plugin <= 9.17 - Cross Site Scripting (XSS) vulnerability_CVE-2026-52702 Unauthenticated Cross Site Scripting (XSS) in SEO Redirection	wp-buy	SEO Redirection n/a	Jun 15, 2026	CVE