MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2026-12673	CVE-2026-12673_CVE-2026-12673 Liquidfiles versions before 4.2.12 are affected by a broken access control vulnerability resulting in privilege escalation from an Admin in a secon...	liquidfiles	liquidfiles	Jun 20, 2026	CVE
MEDIUM 6.5	CVE-2026-12119	Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119 The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' s...	eemitch	Simple File List	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56213	Capgo – Unauthenticated Cross-Tenant Metrics Poisoning via upsert_version_meta RPC_CVE-2026-56213 Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.upsert_version_meta SECURITY DEFINER function exposed via PostgR...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 5.1	CVE-2026-56212	Capgo – Improper 2FA Enforcement Logic via Team Security Settings_CVE-2026-56212 Capgo before 12.128.2 contains an authentication logic flaw: a user with permission to manage team or organization security settings can enable man...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56080	Cap-go – Authentication Logic Flaw in Enforce Password Policy_CVE-2026-56080 Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their...	Cap-go	capgo	Jun 19, 2026	CVE
MEDIUM 4.3	MS:CVE-2026-12446	CVE-2026-12446 Insufficient data validation in Passwords_MS:CVE-2026-12446 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-12453	CVE-2026-12453 Insufficient validation of untrusted input in Input_MS:CVE-2026-12453 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-12456	CVE-2026-12456 Insufficient validation of untrusted input in Extensions_MS:CVE-2026-12456 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-12457	CVE-2026-12457 Insufficient data validation in Extensions_MS:CVE-2026-12457 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-12460	CVE-2026-12460 Insufficient policy enforcement in File System Access_MS:CVE-2026-12460 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE