HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.3	CVE-2026-55957	Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind_CVE-2026-55957 Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
HIGH 7.3	CVE-2026-53404	Apache Tomcat: Bad ornext processing in RewriteValve_CVE-2026-53404 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matche...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-51221	CVE-2026-51221_CVE-2026-51221 A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoS) via ...	n/a	n/a n/a	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-11589	WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload_CVE-2026-11589 The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated use...	Unknown	WP Support Plus Responsive Ticket System	Jun 30, 2026	CVE
HIGH 7.8	CVE-2025-7406	A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM_CVE-2025-7406 Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privile...	Nokia	MantaRay NM <NM 25R1-NM	Jun 30, 2026	CVE
HIGH 7.8	CVE-2025-24815	An unrestricted file upload vulnerability in Nokia MantaRay NM_CVE-2025-24815 Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could a...	Nokia	MantaRay NM <25R2-NM	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-50750	Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270_CVE-2026-50750 Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026...	Apache Software Foundation	Apache ActiveMQ Broker 5.19.7	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-50734	Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation_CVE-2026-50734 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated netw...	Apache Software Foundation	Apache ActiveMQ Client	Jun 30, 2026	CVE
HIGH 8.1	CVE-2026-49877	Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console_CVE-2026-49877 Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in t...	Apache Software Foundation	Apache ActiveMQ	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-57080	Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix_CVE-2026-57080 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix. The peer-wire fram...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE