Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.7 CVE-2026-8492

Translate Drupal with GTranslate – Less critical – DOM clobbering / link manipulation – SA-CONTRIB-2026-035_CVE-2026-8492

Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This iss...

Drupal Translate Drupal with GTranslate 0.0.0 CVE
LOW 3.7 CVE-2026-8491

Node View Permissions – Moderately critical – Access bypass – SA-CONTRIB-2026-034_CVE-2026-8491

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects No...

Drupal Node View Permissions 0.0.0 CVE
LOW 2.3 CVE-2026-47068

Cross-session PubSub topic injection via URL parameter in phoenix_storybook_CVE-2026-47068

Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix_storybook allows cross-session PubSub topic injection via a...

phenixdigital phoenix_storybook 0.4.0 CVE
LOW 3.7 CVE-2025-31985

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header_CVE-2025-31985

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This c...

HCL BigFix Service Management (SM) 23 CVE
LOW 2.1 CVE-2026-45232

Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy_CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c ...

RsyncProject rsync CVE
LOW 2.1 CVE-2026-34154

Discourse has a subscription access bypass in its discourse-subscriptions plugin_CVE-2026-34154

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, a vulnerability in the d...

discourse discourse < 2026.1.4 CVE
LOW 1.8 CVE-2025-14575

Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading_CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attack...

The Qt Company Qt 5.0.0 CVE
LOW 1.6 CVE-2026-7860

Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build_CVE-2026-7860

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment...

vaadin flow 23.0.0 CVE
LOW 3.3 CVE-2026-33565

kernel_linux_common_modules has a Race Condition vulnerability_CVE-2026-33565

in OpenHarmony v6.0 and prior versions allow a local attacker to cause DoS.

OpenHarmony OpenHarmony v5.0.3 CVE
LOW 3.3 CVE-2026-28751

filemanagement_storage_service has an improper input validation vulnerability_CVE-2026-28751

in OpenHarmony v6.0 and prior versions allow a local attacker to cause DoS.

OpenHarmony OpenHarmony v5.0.3 CVE