MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2025-69332	WordPress Bookify plugin <= 1.1.1 - Broken Access Control vulnerability_CVE-2025-69332 Subscriber Broken Access Control in Bookify	myCred	Bookify n/a	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2025-68049	WordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerability_CVE-2025-68049 Subscriber Broken Access Control in bunny.net	bunny.net	bunny.net n/a	Jun 15, 2026	CVE
MEDIUM 4.4	CVE-2025-60175	WordPress PopAd Plugin <= 1.0.4 - Server Side Request Forgery (SSRF) Vulnerability_CVE-2025-60175 Administrator Server Side Request Forgery (SSRF) in PopAd	vynnus	PopAd n/a	Jun 15, 2026	CVE
MEDIUM 5.3	MS:CVE-2026-12015	Chromium: CVE-2026-12015 Use after free Autofill_MS:CVE-2026-12015 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 15, 2026	MSCVE
MEDIUM 5.3	CVE-2026-52721	Gstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsing_CVE-2026-52721 Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer bou...	Red Hat	Red Hat Enterprise Linux 10	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-52718	Gstreamer1-plugins-bad-free: gstreamer: denial of service via av1 tile_list_obu parser byte/bit confusion_CVE-2026-52718 A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function p...	Red Hat	Red Hat Enterprise Linux 10	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-49953	Discuz! X5.0 CAPTCHA Bypass via Predictable Character Set_CVE-2026-49953 Discuz! X5.0 releases 20260320 through 20260501 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat chal...	Discuz!	Discuz! X5.0 20260320	Jun 15, 2026	CVE
MEDIUM 6.8	CVE-2026-11931	Insecure Permissions on Authentication Token Cache File in Kiro IDE_CVE-2026-11931 Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other loca...	AWS	Kiro IDE	Jun 15, 2026	CVE
MEDIUM 5.4	CVE-2026-8358	Heap buffer overflow in spreadsheet tracked-changes import_CVE-2026-8358 LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change iden...	The Document Foundation	LibreOffice 26.2	Jun 15, 2026	CVE
MEDIUM 5.4	CVE-2026-8357	Heap buffer overflow in Calc formula compilation_CVE-2026-8357 LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of ma...	The Document Foundation	LibreOffice 26.2	Jun 15, 2026	CVE