MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-8059	Multiple Vulnerabilities in IBM Datacap_CVE-2026-8059 IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability all...	IBM	Datacap 9.1.7	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-7253	IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway_CVE-2026-7253 IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an...	IBM	IBM Watson Speech Services Cartridge 4.0.0	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-54265	Angular: Two-Way Property Binding Sanitization Bypass (XSS)_CVE-2026-54265 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...	angular	angular >= 22.0.0-next.0 < 22.0.1	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-53655	node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)_CVE-2026-53655 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides)...	isaacs	node-tar < 7.5.16	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-53550	js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases_CVE-2026-53550 js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key...	nodeca	js-yaml < 4.2.0	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-52725	Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)_CVE-2026-52725 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0 < 22.0.0-rc.2	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-50557	Angular: Template and Attribute Namespace Sanitization Bypass (XSS)_CVE-2026-50557 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 21.0.0-next.0 < 21.2.15	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-41047	Information leak via “diff” methods in qSnapper_CVE-2026-41047 Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read pro...	presire	qSnapper	Jun 22, 2026	CVE
MEDIUM 5.9	CVE-2026-12725	Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies_CVE-2026-12725 A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies conta...	Red Hat	Red Hat Enterprise Linux 10	Jun 22, 2026	CVE
MEDIUM 4.8	CVE-2026-12549	Libsoup: incomplete fix for cve-2026-2443: range suffix overflow in libsoup soupserver_CVE-2026-12549 The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When...	Red Hat	Red Hat Enterprise Linux 10	Jun 22, 2026	CVE