LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.7	CVE-2025-31985	HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header_CVE-2025-31985 HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This c...	HCL	BigFix Service Management (SM) 23	May 20, 2026	CVE
LOW 2.1	CVE-2026-45232	Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy_CVE-2026-45232 Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c ...	RsyncProject	rsync	May 20, 2026	CVE
LOW 2.1	CVE-2026-34154	Discourse has a subscription access bypass in its discourse-subscriptions plugin_CVE-2026-34154 Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, a vulnerability in the d...	discourse	discourse < 2026.1.4	May 19, 2026	CVE
LOW 1.8	CVE-2025-14575	Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading_CVE-2025-14575 An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attack...	The Qt Company	Qt 5.0.0	May 19, 2026	CVE
LOW 1.6	CVE-2026-7860	Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build_CVE-2026-7860 A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment...	vaadin	flow 23.0.0	May 19, 2026	CVE
LOW 3.3	CVE-2026-33565	kernel_linux_common_modules has a Race Condition vulnerability_CVE-2026-33565 in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.	OpenHarmony	OpenHarmony v5.0.3	May 19, 2026	CVE
LOW 3.3	CVE-2026-28751	filemanagement_storage_service has an improper input validation vulnerability_CVE-2026-28751 in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.	OpenHarmony	OpenHarmony v5.0.3	May 19, 2026	CVE
LOW 3.3	CVE-2026-27781	kernel_liteos_a has an integer overflow vulnerability_CVE-2026-27781 in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.	OpenHarmony	OpenHarmony v5.0.3	May 19, 2026	CVE
LOW 3.3	CVE-2026-25110	Sensors_medical_sensor has a NULL pointer dereference vulnerability_CVE-2026-25110 in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.	OpenHarmony	OpenHarmony v5.0.3	May 19, 2026	CVE
LOW 3.5	8CE4761E-40E3-	Exploit for CVE-2025-11203_8CE4761E-40E3-5285-948E-9190434686A1 CVE-2025-11203 — LiteLLM Health Endpoint APIKEY Information Disclosure LiteLLM versions 未正确过滤敏感信息，导致已认证用户可获取其他模型配置中存储...	N/A	N/A	May 19, 2026	GITHUBEXPLOIT