MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.1	CVE-2026-47324	Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system_CVE-2026-47324 ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS) in multiple attributes of students and teachers obj...	ProjectsAndPrograms	school-management-system 6b6fae5	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-44545	Unbounded WebSocket message and frame sizes can cause unauthenticated remote denial of service_CVE-2026-44545 daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both ...	djangoproject	daphne 4.2.0	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-35717	CVE-2026-35717_CVE-2026-35717 A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers ...	n/a	n/a n/a	Jun 2, 2026	CVE
MEDIUM 4.8	CVE-2026-10722	cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow_CVE-2026-10722 A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadColle...	cilium	ebpf 0.1	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-5078	morgan vulnerable to Log Forging via unneutralized control characters in :remote-user_CVE-2026-5078 Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to ...	morgan	morgan 1.2.0	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-10694	SourceCodester Online Food Ordering System index.php include file inclusion_CVE-2026-10694 A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.p...	SourceCodester	Online Food Ordering System 2.0	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-10693	SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization_CVE-2026-10693 A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown funct...	SourceCodester	Online Boat Reservation System 1.0	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-10704	SourceCodester Pizzafy E-Commerce System Administrative Control Panel admin_class_novo.php login sql injection_CVE-2026-10704 A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /adm...	SourceCodester	Pizzafy E-Commerce System 1.0	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-10703	EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free_CVE-2026-10703 A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the...	EIPStackGroup	OpENer 2.0	Jun 3, 2026	CVE
MEDIUM 4.6	CVE-2026-10718	Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability_CVE-2026-10718 Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra m...	N/A	N/A	Jun 2, 2026	CVE