Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2025-53114

CometD has acknowledgement extension out of memory

CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0....

cometd cometd >= 5.0.0, < 5.0.23 CVE
HIGH 8.7 CVE-2025-32437

AutoGPT has a DoS vulnerability in MediaDurationBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `MediaD...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 7.1 CVE-2025-32436

AutoGPT has a DoS vulnerability in AddAudioToVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `AddAud...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 8.7 CVE-2025-32424

AutoGPT has a DoS vulnerability in ScreenshotWebPageBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, Screens...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 8.7 CVE-2025-32422

AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepTh...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 8.7 CVE-2025-32392

AutoGPT has a DoS vulnerability in LoopVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT...

Significant-Gravitas AutoGPT < 0.6.63 CVE
HIGH 7.5 PACKETSTORM:223805

WordPress Contest Gallery 28.1.4 SQL Injection

WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...

N/A N/A PACKETSTORM
HIGH 8.4 CVE-2026-12390

Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory

In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files w...

AzeoTech DAQFactory CVE
HIGH 8.7 CVE-2026-48716

nanobot: Path traversal via unsanitized WhatsApp document fileName enables arbitrary file write

nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path u...

HKUDS nanobot <= 0.1.5.post3 CVE
HIGH 8.5 CVE-2026-25865

Punto Switcher 4.5.0.583 Unquoted Search Path via WinExec

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by ex...

Yandex Punto Switcher CVE