Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.2 CVE-2026-56239

Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage (CVE-2026-56239)

Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which pe...

Capgo Capgo CVE
HIGH 7.1 CVE-2026-56229

Capgo – Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs (CVE-2026-56229)

Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access...

Capgo Capgo CVE
HIGH 7.6 CVE-2025-71378

picklescan – Remote Code Execution via Undetected cProfile.runctx in Pickle Files (CVE-2025-71378)

picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code...

picklescan picklescan CVE
HIGH 7.6 CVE-2025-71357

picklescan – Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand (CVE-2025-71357)

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers c...

picklescan picklescan CVE
HIGH 7.6 CVE-2025-71351

picklescan – Remote Code Execution via timeit.timeit() Detection Bypass (CVE-2025-71351)

picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. ...

picklescan picklescan CVE
HIGH 7.6 CVE-2025-71348

picklescan – Arbitrary Code Execution via torch.utils._config_module.load_config Bypass (CVE-2025-71348)

picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. ...

picklescan picklescan CVE
HIGH 8.8 D301242C-B53B-

Exploit for Code Injection in Anthropic Claude_Code (D301242C-B53B-53BF-A743-4107276D8DCA)

dotclaude-security Scan a repo's local .claude/ config — settings.json hooks, MCP server defs, env blocks, permissions.allow — for the RCE and API-...

N/A N/A GITHUBEXPLOIT
HIGH 8.5 CVE-2026-12786

Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control (CVE-2026-12786)

A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the libra...

Ezbsystems UltraISO Premium Edition 9.0 CVE
HIGH 8.5 CVE-2026-12784

IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control (CVE-2026-12784)

A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the comp...

IM-Magic Partition Resizer 7.0 CVE
HIGH 8.5 CVE-2026-12782

EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control (CVE-2026-12782)

A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys ...

EaseUS Partition Master 14.0 CVE