HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	MS:CVE-2026-13033	Chromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroups_MS:CVE-2026-13033 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-13035	Chromium: CVE-2026-13035 Use after free in Bluetooth_MS:CVE-2026-13035 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-13036	Chromium: CVE-2026-13036 Use after free in Blink_MS:CVE-2026-13036 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-13038	Chromium: CVE-2026-13038 Use after free in Autofill_MS:CVE-2026-13038 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 7.5	CVE-2026-5757	There exists an unauthenticated remote information disclosure vulnerability in Ollama’s model quantization engine_CVE-2026-5757 Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the ser...	Ollama AI	Ollama v0.13.5	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-0828	Kernel driver vulnerability in Safetica Endpoint Client_CVE-2026-0828 Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCT...	Safetica	Endpoint Client 10.5.75.0	Jun 26, 2026	CVE
HIGH 8.1	CVE-2026-56876	extract-zip unvalidated symlink path traversal_CVE-2026-56876 extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relati...	max-mapper	extract-zip	Jun 26, 2026	CVE
HIGH 8.6	CVE-2026-55441	mise: Arbitrary command execution via task-include files in an untrusted, config-less repository_CVE-2026-55441 mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versio...	jdx	mise < 2026.6.4	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-54341	Dragonfly: RESTORE operations may crash the server_CVE-2026-54341 Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds r...	dragonflydb	dragonfly < 1.39.0	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-48743	Envoy: HTTP/3 to HTTP/1 request smuggling via headers-only request with nonzero Content-Length_CVE-2026-48743 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can tran...	envoyproxy	envoy >= 1.38.0, < 1.38.1	Jun 26, 2026	CVE