MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.6	CVE-2026-56383	Craft CMS – Stored XSS in Table Field via Row Heading Column Type_CVE-2026-56383 Craft CMS contains a stored cross-site scripting (XSS) vulnerability in the editableTable.twig component when using the 'Row Heading' column type. ...	craftcms	cms 4.5.0-beta.1	Jun 21, 2026	CVE
MEDIUM 4.6	CVE-2026-56381	Craft CMS – Stored XSS via User Group Name in User Permissions Page_CVE-2026-56381 Craft CMS from version 5.0.0-RC1 contains a stored cross-site scripting vulnerability in the User Permissions page where user group names are rende...	craftcms	cms 5.0.0-RC1	Jun 21, 2026	CVE
MEDIUM 6.3	CVE-2026-56378	ImageMagick – Heap Out-of-Bounds Read in PCD Decoder_CVE-2026-56378 ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file c...	ImageMagick	ImageMagick	Jun 21, 2026	CVE
MEDIUM 6.3	CVE-2026-56367	ImageMagick – Heap Out-of-Bounds Read in PSB RLE Decoding_CVE-2026-56367 ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in cod...	ImageMagick	ImageMagick	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-56316	Cap-go – Job Existence Oracle via Unauthenticated OPTIONS /build/upload/:jobId/_CVE-2026-56316 Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated ...	Cap-go	capgo	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-56299	Capgo – Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint_CVE-2026-56299 Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers ...	Capgo	Capgo	Jun 21, 2026	CVE
MEDIUM 6.8	CVE-2026-56236	Capgo CLI – Arbitrary File Overwrite via Symlink-Following in Local Credential Operations_CVE-2026-56236 Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without ...	capgo	cli	Jun 21, 2026	CVE
MEDIUM 6.4	C40A1F53-C56D-	nuclei-template-creator_C40A1F53-C56D-57E9-848D-B707E7916E4C Nuclei Template Creator English \| 中文 A comprehensive skill for creating high-quality Nuclei security scanning templates across all supported prot...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
MEDIUM 5.3	AE467228-AC78-	Exploit for Improper Access Control in Joomla Joomla\!_AE467228-AC78-5F1A-93CF-D381D698C936 No description provided...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
MEDIUM 6.9	CVE-2026-12795	BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication_CVE-2026-12795 A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints...	BerriAI	litellm 1.82.0	Jun 21, 2026	CVE