MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-54233	vLLM: OOM Denial of Service via Audio Decompression Bomb_CVE-2026-54233 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compr...	vllm-project	vllm < 0.23.1rc0	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-53923	vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow_CVE-2026-53923 vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vL...	vllm-project	vllm >= 0.5.5, < 0.23.1rc0	Jun 22, 2026	CVE
MEDIUM 6.5	CVE-2026-47155	vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors_CVE-2026-47155 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently app...	vllm-project	vllm < 0.22.0	Jun 22, 2026	CVE
MEDIUM 4.2	MS:CVE-2026-12456	Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions_MS:CVE-2026-12456 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 6.5	MS:CVE-2026-12461	Chromium: CVE-2026-12461 Out of bounds read in WebRTC_MS:CVE-2026-12461 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 5.8	CVE-2026-55599	phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access_CVE-2026-55599 phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 cer...	phpseclib	phpseclib >= 0.1.1, < 1.0.30	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-54651	pypdf: Possible infinite loop when processing threads/articles in writer_CVE-2026-54651 pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an...	py-pdf	pypdf < 6.13.1	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-54531	pypdf: Possible infinite loop when processing outlines/bookmarks in writer_CVE-2026-54531 pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...	py-pdf	pypdf < 6.13.0	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-54530	pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction_CVE-2026-54530 pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...	py-pdf	pypdf < 6.13.0	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-49461	pypdf: Possible large memory usage for form XObjects during text extraction_CVE-2026-49461 pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to la...	py-pdf	pypdf < 6.12.2	Jun 22, 2026	CVE