Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-53698

CVE-2026-53698

Silverpeas through 6.4.6 mishandles the "Personal space" feature that is selected when no componentId is set.

Silverpeas Silverpeas CVE
HIGH 7.3 CVE-2026-53694

Potential local privileges escalation through argument injection in the nxchmod.sh script

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in NoMachine allows Argument Injection. This issue ...

NoMachine NoMachine CVE
MEDIUM 6.9 CVE-2026-53693

MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels

A stored cross-site scripting vulnerability existed in MISP BSimVis tag rendering code. Several client-side rendering paths interpolated tag names,...

misp bsimvis CVE
MEDIUM 6.9 CVE-2026-49760

Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow. This vulnerability is associated with ...

Erlang OTP 3.7.16 CVE
HIGH 8.8 CVE-2026-49759

Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a...

Erlang OTP 6.0 CVE
HIGH 7.5 CVE-2026-48860

Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-...

Erlang OTP 11.0 CVE
MEDIUM 6.3 CVE-2026-48859

SSH server timing side-channel in ssh_auth:check_password/3 allows unauthenticated username enumeration

Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration vi...

Erlang OTP 6.0 CVE
MEDIUM 6.3 CVE-2026-48858

ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks

Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvalidated PASV...

Erlang OTP 5.10.4 CVE
HIGH 7.1 CVE-2026-48856

httpc leaks Authorization header to cross-origin redirect targets

Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwar...

Erlang OTP 5.10 CVE
LOW 2.3 CVE-2026-48855

SFTP READLINK Leaks Absolute Backend Filesystem Path When Root Is Configured

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_R...

Erlang OTP 3.0.1 CVE