MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	MS:CVE-2026-11686	Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture_MS:CVE-2026-11686 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 5.3	MS:CVE-2026-11696	Chromium: CVE-2026-11695 Inappropriate implementation in Passwords_MS:CVE-2026-11696 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
MEDIUM 6.1	CVE-2026-48157	Slim has Reflected XSS in the HtmlErrorRenderer_CVE-2026-48157 Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses ...	slimphp	Slim >= 4.4.0, < 4.15.2	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-9260	CVE-2026-9260_CVE-2026-9260 Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier	Canon Inc.	EOS Network Setting Tool for Windows 1.5.0 or earlier	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-49875	Apache CXF: XML External Entity (XXE) Injection in W3CMultiSchemaFactory and EndpointReferenceUtils_CVE-2026-49875 Apache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurati...	Apache Software Foundation	Apache CXF 4.2.0	Jun 12, 2026	CVE
MEDIUM 5.5	CVE-2026-41155	GPU DDK – SharedSecMem mapped into all GPU virtual address spaces_CVE-2026-41155 An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the...	Imagination Technologies	Graphics DDK 1.18 RTM	Jun 12, 2026	CVE
MEDIUM 5.5	CVE-2025-55663	CVE-2025-55663_CVE-2025-55663 A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Ser...	n/a	n/a n/a	Jun 15, 2026	CVE
MEDIUM 5.5	CVE-2025-55661	CVE-2025-55661_CVE-2025-55661 A heap buffer overflow in the Opus audio stream parser component of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supply...	n/a	n/a n/a	Jun 15, 2026	CVE
MEDIUM 5.5	CVE-2025-55660	CVE-2025-55660_CVE-2025-55660 A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (...	n/a	n/a n/a	Jun 15, 2026	CVE
MEDIUM 5.5	CVE-2025-55652	CVE-2025-55652_CVE-2025-55652 A heap buffer overflow in the gf_isom_vp_config_new function (isomedia/avc_ext.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service...	n/a	n/a n/a	Jun 15, 2026	CVE