Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.3 CVE-2026-13493

AIDC-AI ComfyUI-Copilot Workflow Checkpoint Restore conversation_api.py resource injection

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversati...

AIDC-AI ComfyUI-Copilot 2.0.0 CVE
LOW 2.3 CVE-2026-13484

MLflow Experiment-scoped Label Schema CRUD API authorization

A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the compone...

n/a MLflow 4666cffc7912ea606d592fc38d6a75e2935f65e7 CVE
LOW 2.3 CVE-2026-13483

arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity

A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encr...

arc53 DocsGPT 0.1 CVE
LOW 3.3 CVE-2026-58052

7-Zip – Mark-of-the-Web Bypass via RAR5 Alternate Data Stream Name Collision

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an ...

7-Zip 7-Zip CVE
LOW 3.1 MS:CVE-2026-12032

Chromium: CVE-2026-12032 Inappropriate implementation Passwords

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
LOW 2.3 CVE-2026-47206

Dragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis...

dragonflydb dragonfly < 1.38.9 CVE
LOW 3.5 CVE-2026-3472

Markdown image rendering bypass in AI bot tool result posts in Mattermost

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 2.1 CVE-2026-57940

CVE-2026-57940

HTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function get_feed() in system/adm...

danpros HTMLy 3.1.1 CVE
LOW 2.6 CVE-2026-57926

CVE-2026-57926

In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack

JetBrains YouTrack CVE
LOW 3.1 CVE-2026-57922

CVE-2026-57922

In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible

JetBrains YouTrack CVE