HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-52808	Gogs: Write-level collaborators can mutate admin-only repository settings via API_CVE-2026-52808 Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
HIGH 8.5	CVE-2026-52797	Gogs: Overwriting critical files results in a denial of service_CVE-2026-52797 Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder can dictate the value which is passed to the gi...	gogs	gogs < 0.14.0	Jun 24, 2026	CVE
HIGH 8.5	CVE-2026-45687	Rocket.Chat: Authenticated Arbitrary Data Export Theft via Mass Assignment in sendFileMessage_CVE-2026-45687 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.0	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-45677	Rocket.Chat: Lack of SAML Signature Check During Logout Could Lead To DoS_CVE-2026-45677 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.0	Jun 24, 2026	CVE
HIGH 7.7	CVE-2026-33235	AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features_CVE-2026-33235 AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6...	Significant-Gravitas	AutoGPT >= 0.1.0, < 0.6.52	Jun 24, 2026	CVE
HIGH 7.6	CVE-2026-11998	AngularJS XSS via SCE resource URL sanitization bypass_CVE-2026-11998 A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaS...	Google	AngularJS >=1.2.0-rc.3	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-9779	ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability_CVE-2026-9779 ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability. This vulnerability allows ...	ATEN	Unizon 2.6.253.001	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-9778	ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability_CVE-2026-9778 ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-9777	ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability_CVE-2026-9777 ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-9776	ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability_CVE-2026-9776 ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to ...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE