MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2026-48090	Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)_CVE-2026-48090 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter ...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-47205	Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides_CVE-2026-47205 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Fr...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.4	PACKETSTORM:224389	📄 Docmost Cross Site Scripting_PACKETSTORM:224389 Docmost versions prior to 0.71.0 suffer from a persistent cross site scripting vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 5.4	PACKETSTORM:224388	📄 Docmost 0.70.x Authorization Bypass_PACKETSTORM:224388 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored attachment insi...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 4.3	PACKETSTORM:224390	📄 Docmost 0.70.2 Authorization Bypass_PACKETSTORM:224390 In Docmost versions 0.70.0 through 0.70.2, restricted child pages hidden from public share viewers could still leak through public share search res...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 6.5	CVE-2026-8380	Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion_CVE-2026-8380 The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion,...	Unknown	Frontend File Manager Plugin	Jun 26, 2026	CVE
MEDIUM 6.8	CVE-2026-9699	Mattermost Agents plugin logs unsanitized OpenAI API keys on authentication errors_CVE-2026-9699 Mattermost Plugins versions	Mattermost	Mattermost	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-57665	WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57665 Unauthenticated Insecure Direct Object References (IDOR) in GravityView	GravityKit	GravityView n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2026-57664	WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability_CVE-2026-57664 Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder	VillaTheme	Bopo – WooCommerce Product Bundle Builder n/a	Jun 26, 2026	CVE
MEDIUM 5.4	CVE-2026-57661	WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability_CVE-2026-57661 Subscriber Broken Access Control in WPComplete	Nexcess	WPComplete n/a	Jun 26, 2026	CVE