MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-53634	Sharp: Missing Authorization Check in Quick Creation Command Endpoints_CVE-2026-53634 Sharp is a content management framework built for Laravel as a package. From version 9.0.0 to before version 9.22.3, the create and store endpoints...	code16	sharp >= 9.0.0, < 9.22.3	Jun 10, 2026	CVE
MEDIUM 5.3	CVE-2026-48108	Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input_CVE-2026-48108 Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, russh did not enforce the SSH identification-stri...	Eugeny	russh >= 0.34.0-beta.1, < 0.61.0	Jun 10, 2026	CVE
MEDIUM 6.5	CVE-2026-48107	Russh: Unchecked keyboard-interactive prompt count in client auth path_CVE-2026-48107 Russh is a Rust SSH client & server library. From version 0.37.0 to before version 0.61.0, in the russh client keyboard-interactive authentication ...	Eugeny	russh >= 0.37.0, < 0.61.0	Jun 10, 2026	CVE
MEDIUM 5.3	CVE-2026-46705	russh server userauth state is not reset when authentication principal changes_CVE-2026-46705 Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, the russh server authentication path keeps intern...	Eugeny	russh >= 0.34.0-beta.1, < 0.61.0	Jun 10, 2026	CVE
MEDIUM 6.1	CVE-2026-45384	bit7z: Arbitrary File Overwrite via Symlink Attack on Predictable Temp File During Archive Update_CVE-2026-45384 bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrar...	rikyoz	bit7z < 4.0.12	Jun 10, 2026	CVE
MEDIUM 4.4	CVE-2026-0268	Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux_CVE-2026-0268 A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. ...	Palo Alto Networks	Prisma Access Agent	Jun 10, 2026	CVE
MEDIUM 4.4	CVE-2026-0267	GlobalProtect App: Information Exposure Vulnerability on macOS_CVE-2026-0267 An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes f...	Palo Alto Networks	GlobalProtect App 6.3.0	Jun 10, 2026	CVE
MEDIUM 6.2	CVE-2026-46523	ImageMagick: Use-After-Free in MSL decoder._CVE-2026-46523 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted ...	ImageMagick	ImageMagick < 7.1.2-23	Jun 10, 2026	CVE
MEDIUM 5.3	CVE-2026-45664	ImageMagick: Policy Bypass in MNG coder could_CVE-2026-45664 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of...	ImageMagick	ImageMagick < 6.9.13-47	Jun 10, 2026	CVE
MEDIUM 5.1	CVE-2026-45624	ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation._CVE-2026-45624 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when perfo...	ImageMagick	ImageMagick < 6.9.13-47	Jun 10, 2026	CVE