HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	CVE-2026-53846	OpenClaw < 2026.4.29 - Arbitrary Package Manager Execution via Workspace .env npm_execpath_CVE-2026-53846 OpenClaw before 2026.4.29 contains a path traversal vulnerability in the install helper that allows workspace .env files to override the npm_execpa...	OpenClaw	OpenClaw	Jun 16, 2026	CVE
HIGH 8.7	CVE-2026-53843	OpenClaw < 2026.5.26 - Node Token Revocation Bypass via Pairing-Scoped Device Session_CVE-2026-53843 OpenClaw before 2026.5.26 contains an authorization bypass vulnerability where a surviving pairing-scoped device session can re-establish node toke...	OpenClaw	OpenClaw	Jun 16, 2026	CVE
HIGH 7	CVE-2026-53842	OpenClaw < 2026.5.2 - Arbitrary Python Runtime Execution via CLOUDSDK_PYTHON Environment Variable_CVE-2026-53842 OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selecti...	OpenClaw	OpenClaw	Jun 16, 2026	CVE
HIGH 7.8	CVE-2026-50656	Microsoft Defender Elevation of Privilege Vulnerability_CVE-2026-50656 {“lastseen”:””,”description”:””,”published”:”2026-06-16T18:01:33.601Z”,&#82...	Microsoft	Microsoft Malware Protection Engine -	Jun 16, 2026	CVE
HIGH 7.8	CVE-2026-47964	DNG SDK \| Heap-based Buffer Overflow (CWE-122)_CVE-2026-47964 DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in...	Adobe	DNG SDK	Jun 16, 2026	CVE
HIGH 7.8	CVE-2026-47749	stable-diffusion.cpp: Heap buffer overflow in SHORT_BINUNICODE parsing for PyTorch checkpoint files_CVE-2026-47749 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Ve...	leejet	stable-diffusion.cpp < master-584-0a7ae07	Jun 16, 2026	CVE
HIGH 8.6	CVE-2026-10748	Nexus Repository 3 – Remote Code Execution via License Deserialization_CVE-2026-10748 An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system comm...	Sonatype	Nexus Repository 3.0.0	Jun 16, 2026	CVE
HIGH 7.8	CVE-2026-47750	stable-diffusion.cpp: Heap buffer overflow in GLOBAL opcode parsing for PyTorch checkpoint files_CVE-2026-47750 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In...	leejet	stable-diffusion.cpp < master-584-0a7ae07	Jun 16, 2026	CVE
HIGH 7.8	CVE-2026-47747	stable-diffusion.cpp has a Heap-based Buffer Overflow_CVE-2026-47747 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In...	leejet	stable-diffusion.cpp < master-584-0a7ae07	Jun 16, 2026	CVE
HIGH 8.6	CVE-2026-22312	Use of Hard-coded Credentials Vulnerability in Radiflow iSAP Smart Collector_CVE-2026-22312 The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get a...	Radiflow	iSAP Smart Collector 3.07-1	Jun 16, 2026	CVE