HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-6679	DTLS 1.3 ACK serialization heap buffer overflow via integer truncation_CVE-2026-6679 A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due ...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56445	pydicom pynetdicom Library Path Traversal_CVE-2026-56445 The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitizat...	pydicom	pynetdicom Library 1.0.0	Jun 25, 2026	CVE
HIGH 8.3	CVE-2026-12473	OHIF Viewers DICOM Server-Side request forgery_CVE-2026-12473 Two data sources (DICOMWebProxy and DICOMJSON) shipped in the default configuration fetch an arbitrary URL parameter without validation. A global a...	Open Health Imaging Foundation (OHIF)	DICOM Web Viewer Framework	Jun 25, 2026	CVE
HIGH 7.3	CVE-2026-54479	EVoke Systems EVoke CSMS Insufficient Session Expiration_CVE-2026-54479 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same sess...	EVoke	EVoke CSMS All versions	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-50176	EVoke Systems EVoke CSMS Improper Restriction of Excessive Authentication Attempts_CVE-2026-50176 The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allo...	EVoke	EVoke CSMS All versions	Jun 25, 2026	CVE
HIGH 7.4	CVE-2026-12992	Apicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validation_CVE-2026-12992 A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature....	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
HIGH 8.5	CVE-2026-12975	Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos_CVE-2026-12975 A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing fea...	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-11800	Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion_CVE-2026-11800 A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client c...	Red Hat	Red Hat build of Keycloak 26.6 26.6.4-2	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-22879	CVE-2026-22879_CVE-2026-22879 vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability	vtk	vtk 9.5.2	Jun 25, 2026	CVE
HIGH 7.6	CVE-2025-71340	picklescan – Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode_CVE-2025-71340 picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in __reduce__ methods. Att...	picklescan	picklescan	Jun 25, 2026	CVE