MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	MS:CVE-2026-12459	Chromium: CVE-2026-12459 Inappropriate implementation in Serial_MS:CVE-2026-12459 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 5.1	CVE-2026-55443	LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders_CVE-2026-55443 LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem pat...	langchain-ai	langchain < 1.3.9	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-54300	@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config_CVE-2026-54300 @astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify conver...	withastro	astro < 7.0.13	Jun 22, 2026	CVE
MEDIUM 4.2	CVE-2026-54298	Astro: XSS via Unescaped Attribute Names in Spread Props_CVE-2026-54298 Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and pas...	withastro	astro < 6.4.6	Jun 22, 2026	CVE
MEDIUM 6.5	CVE-2026-54288	Hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`_CVE-2026-54288 Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, the Body Limit Middleware trusts the reques...	honojs	hono < 4.12.25	Jun 22, 2026	CVE
MEDIUM 6	CVE-2026-44273	CVE-2026-44273_CVE-2026-44273 Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with l...	Dell	Wyse Management Suite (WMS)	Jun 22, 2026	CVE
MEDIUM 5.9	CVE-2026-10852	IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty_CVE-2026-10852 IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in...	IBM	i 7.6	Jun 22, 2026	CVE
MEDIUM 6.9	PACKETSTORM:223968	📄 OpenBSD mpls_do_error Stack Disclosure_PACKETSTORM:223968 OpenBSD suffers from an mplsdoerror remote kernel stack disclosure vulnerability via an MPLS label stack...	N/A	N/A	Jun 22, 2026	PACKETSTORM
MEDIUM 4.7	MS:CVE-2026-12463	Chromium: CVE-2026-12463 Inappropriate implementation in Views_MS:CVE-2026-12463 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-12453	Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input_MS:CVE-2026-12453 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE