HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-43707	CVE-2026-43707_CVE-2026-43707 A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Ta...	Apple	Safari	Jun 29, 2026	CVE
HIGH 8.6	CVE-2026-11590	WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated SQL Injection via filter[elements] Array Keys_CVE-2026-11590 The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL s...	Unknown	WP Support Plus Responsive Ticket System	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-54475	Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover_CVE-2026-54475 Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destination...	Apache Software Foundation	Apache ActiveMQ Broker	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-53917	Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling_CVE-2026-53917 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. ...	Apache Software Foundation	Apache ActiveMQ	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-53916	Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec_CVE-2026-53916 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated clie...	Apache Software Foundation	Apache ActiveMQ	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-49432	Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service_CVE-2026-49432 Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can rea...	Apache Software Foundation	Apache ActiveMQ	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-57081	Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input_CVE-2026-57081 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested ...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE
HIGH 7	CVE-2026-44949	Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook_CVE-2026-44949 A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to ...	SUSE	Rancher 0.7.0	Jun 30, 2026	CVE
HIGH 8.8	CVE-2026-27957	Coolify: Authenticated RCE via command injection in CA certificate management feature_CVE-2026-27957 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, an authenticated comma...	coollabsio	coolify < 4.0.0-beta.464	Jun 30, 2026	CVE
HIGH 8.8	CVE-2026-48307	ColdFusion \| Cross-site Scripting (Reflected XSS) (CWE-79)_CVE-2026-48307 ColdFusion versions 2025.9, 2023.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit thi...	Adobe	ColdFusion	Jun 30, 2026	CVE