HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.7	THN:C70D8BC2816...	Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting_THN:C70D8BC28161A5329790CE84AF7C8F85 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpiAGZTnvo43enaVYkna4ZSp217mwwW5kW8kZOhaSiLAxicjvHQY-3d8rdLN47bsRvxUIj6R0h_Ttr8NcIJr...	N/A	N/A	Jun 16, 2026	THN
HIGH 8.1	CVE-2026-50891	CVE-2026-50891_CVE-2026-50891 Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request.	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50881	CVE-2026-50881_CVE-2026-50881 Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator ...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50875	CVE-2026-50875_CVE-2026-50875 Incorrect access control in the /{form}/webhooks/{webhook} endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or d...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50874	CVE-2026-50874_CVE-2026-50874 An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arb...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.4	CVE-2026-39118	CVE-2026-39118_CVE-2026-39118 An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restric...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 7.3	CVE-2026-12318	Incorrect boundary conditions in the Libraries component in NSS_CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152.	Mozilla	Firefox 152	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-12317	Memory safety bug fixed in Thunderbird 152_CVE-2026-12317 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.	Mozilla	Firefox 152	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-12314	Memory safety bug fixed in Thunderbird 152_CVE-2026-12314 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.	Mozilla	Firefox 140.12	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-12312	Memory safety bug fixed in Thunderbird 152_CVE-2026-12312 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.	Mozilla	Firefox 140.12	Jun 16, 2026	CVE