Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.5 CVE-2026-33659

EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network Access

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpo...

espocrm espocrm < 9.3.4 CVE
LOW 2.7 CVE-2026-39510

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allow...

WP Chill Image Photo Gallery Final Tiles Grid CVE
LOW 2.1 CVE-2026-30812

Stored Cross-Site Scripting in Event Comments via Filter Bypass

Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects...

Pandora FMS Pandora FMS 777 CVE
LOW 2 CVE-2026-0233

Autonomous Digital Experience Manager: Improper validation of ADEM certificate

A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker wi...

Palo Alto Networks Autonomous Digital Experience Manager 5.10.0 CVE
LOW 2.5 CVE-2026-34849

CVE-2026-34849

UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.

Huawei HarmonyOS 6.0.0 CVE
LOW 2.2 CVE-2026-34851

CVE-2026-34851

Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.

Huawei HarmonyOS 5.1.0 CVE
LOW 1.9 CVE-2026-34850

CVE-2026-34850

Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.

Huawei HarmonyOS 5.1.0 CVE
LOW 3.5 E3AC4D1E-6D98-

Exploit for CVE-2020-24586_E3AC4D1E-6D98-5584-88D0-C274C21F6239

Fracture FragAttacks WiFi Penetration Framework CVE-2020-24586 / CVE-2020-24587 / CVE-2020-24588 Fracture automates three novel attack chains via 8...

N/A N/A GITHUBEXPLOIT
LOW 2.3 CVE-2026-32642

Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission

Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol a...

Apache Software Foundation Apache Artemis 2.50.0 CVE
LOW 3.7 CVE-2026-28753

NGINX ngx_mail_proxy_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handling of CRLF sequences in DNS resp...

F5 NGINX Open Source 1.29.0 CVE