Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.2 CVE-2026-49260

PhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, `pontedilana/php-weasyprint` builds the ...

pontedilana php-weasyprint < 2.5.1 CVE
HIGH 7.4 CVE-2026-3195

Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for CVE-2024-7730)

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check wheth...

N/A N/A 8.2.0 CVE
HIGH 8.7 CVE-2026-55204

HAProxy – NULL Pointer Dereference in hpack_dht_insert Function

HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c tha...

haproxy haproxy CVE
HIGH 8.8 CVE-2026-54104

U.S. GAO EPDS and CBCA EDS client-based privilege escalation

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...

Government Accountability Office Electronic Protest Docketing System (EPDS) CVE
HIGH 7.5 CVE-2026-38718

CVE-2026-38718

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-53114

CometD has acknowledgement extension out of memory

CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0....

cometd cometd >= 5.0.0, < 5.0.23 CVE
HIGH 8.7 CVE-2025-32437

AutoGPT has a DoS vulnerability in MediaDurationBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `MediaD...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 7.1 CVE-2025-32436

AutoGPT has a DoS vulnerability in AddAudioToVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `AddAud...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 8.7 CVE-2025-32424

AutoGPT has a DoS vulnerability in ScreenshotWebPageBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, Screens...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 8.7 CVE-2025-32422

AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepTh...

Significant-Gravitas AutoGPT < 0.6.63 CVE