MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2026-9320	IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities_CVE-2026-9320 IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial o...	IBM	WebSphere Application Server 9.0.0	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-8934	Cross-Project Information Leakage in Google App Engine UI_CVE-2026-8934 A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenti...	Google Cloud	Cloud Console UIs	Jun 22, 2026	CVE
MEDIUM 5.5	CVE-2026-8636	Multiple Vulnerabilities in IBM Datacap_CVE-2026-8636 IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptograph...	IBM	Datacap 9.1.7	Jun 22, 2026	CVE
MEDIUM 6.1	CVE-2026-8059	Multiple Vulnerabilities in IBM Datacap_CVE-2026-8059 IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability all...	IBM	Datacap 9.1.7	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-7253	IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway_CVE-2026-7253 IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an...	IBM	IBM Watson Speech Services Cartridge 4.0.0	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-54265	Angular: Two-Way Property Binding Sanitization Bypass (XSS)_CVE-2026-54265 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...	angular	angular >= 22.0.0-next.0 < 22.0.1	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-53655	node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)_CVE-2026-53655 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides)...	isaacs	node-tar < 7.5.16	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-53550	js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases_CVE-2026-53550 js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key...	nodeca	js-yaml < 4.2.0	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-52725	Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)_CVE-2026-52725 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0 < 22.0.0-rc.2	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-50557	Angular: Template and Attribute Namespace Sanitization Bypass (XSS)_CVE-2026-50557 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 21.0.0-next.0 < 21.2.15	Jun 22, 2026	CVE