HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.3	MS:CVE-2026-12437	CVE-2026-12437 Use after free in WebShare_MS:CVE-2026-12437 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-12449	CVE-2026-12449 Use after free in Chromoting_MS:CVE-2026-12449 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-12466	CVE-2026-12466 Heap buffer overflow in WebRTC_MS:CVE-2026-12466 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.1	CVE-2026-49344	Mercator has a Personal Identifiable Information Leak from Query Executor feature_CVE-2026-49344 Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, Mercator's Query Engine (`/...	sourcentis	mercator < 2025.05.19	Jun 19, 2026	CVE
HIGH 7.4	CVE-2026-48787	gin-vue-admin vulnerable to RCE_CVE-2026-48787 gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature ...	flipped-aurora	gin-vue-admin = 2.9.1	Jun 19, 2026	CVE
HIGH 7.5	CVE-2026-48774	ProxySQL MCP run_sql_readonly executes side-effecting MySQL multi-statements despite read-only contract_CVE-2026-48774 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP `run_sql_readonly` tool v...	sysown	proxysql >= 3.0.6, < 3.0.9	Jun 19, 2026	CVE
HIGH 7.7	CVE-2026-48715	radvdump’s Route Information Option Parser has a Stack Buffer Overflow_CVE-2026-48715 radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow ...	radvd-project	radvdump < 2.21	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-48089	DevGuard has improper authorization on public assets_CVE-2026-48089 DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public a...	l3montree-dev	devguard < 1.4.2	Jun 19, 2026	CVE
HIGH 7.5	CVE-2026-50559	Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559 Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....	quarkusio	quarkus >= 3.36.0, < 3.36.3	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-49346	libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...	strukturag	libde265 < 1.1.0	Jun 19, 2026	CVE