packetstorm - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	PACKETSTORM:219850	📄 SQLite 3.50.1 winsqlite3.dll Heap Overflow_PACKETSTORM:219850 This Metasploit local exploit module targets a heap overflow vulnerability in winsqlite3.dll in SQLite versions prior to 3.50.2 on Windows systems....	N/A	N/A	Apr 27, 2026	PACKETSTORM
NONE	PACKETSTORM:219875	📄 V8 BigInt String Conversion Stress Test Conceptual Sandbox_PACKETSTORM:219875 This is a V8 Sandbox Escape vulnerability in BigInt::Allocate where buffers are shuffled outside the sandbox. The vulnerability allows for writes o...	N/A	N/A	Apr 27, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:219858	📄 textract 2.5.0 Command Injection_PACKETSTORM:219858 In textract version 2.5.0, a security vulnerability allows OS command injection when untrusted file paths are processed by the library...	N/A	N/A	Apr 27, 2026	PACKETSTORM
High 7.5	PACKETSTORM:219872	📄 Sequelize 6.37.7 SQL Injection_PACKETSTORM:219872 A remote SQL injection vulnerability exists Sequelize versions 6.37.7 and below in the JSON/JSONB where clause processing. When Sequelize parses a ...	N/A	N/A	Apr 27, 2026	PACKETSTORM
HIGH 8.8	PACKETSTORM:219877	📄 Vienna Assistant 1.2.542 macOS Privilege Escalation_PACKETSTORM:219877 A macOS helper service interface implemented via NSXPC was observed exposing methods that may allow privileged operations such as file writing and ...	N/A	N/A	Apr 27, 2026	PACKETSTORM
CRITICAL 9.1	PACKETSTORM:219789	📄 lollms-webui Server-Side Request Forgery_PACKETSTORM:219789 lollms-webui suffers from a server-side request forgery vulnerability...	N/A	N/A	Apr 24, 2026	PACKETSTORM
NONE	PACKETSTORM:219790	📄 OpenClaw 2026.3.13 MEDIA Protocol File Disclosure_PACKETSTORM:219790 This Python script is a security exploitation tool targeting the OpenClaw system integrated with Discord. It attempts to exfiltrate sensitive files...	N/A	N/A	Apr 24, 2026	PACKETSTORM
HIGH 8.6	PACKETSTORM:219788	📄 NLTK 3.9.2 Path Traversal / File Disclosure_PACKETSTORM:219788 NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure...	N/A	N/A	Apr 24, 2026	PACKETSTORM
NONE	PACKETSTORM:219780	📄 Open WebUI 0.8.11 Information Disclosure_PACKETSTORM:219780 A potential access control issue was identified in Open WebUI where the Tools API and associated “valves” endpoints may expose sensitive configurat...	N/A	N/A	Apr 24, 2026	PACKETSTORM
NONE	PACKETSTORM:219772	📄 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to inter...	N/A	N/A	Apr 24, 2026	PACKETSTORM