MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-47833	CVE-2026-47833_CVE-2026-47833 setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...	Cloud Foundry Foundation	bpm-release	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-56099	OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099 OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within sys/netmpls/mpls_input...	openbsd	src	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48983	pam_usb: TOCTOU race condition in pad directory creation allows symlink substitution_CVE-2026-48983 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in p...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48982	pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race_CVE-2026-48982 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 6.7	CVE-2026-48981	pam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.c_CVE-2026-48981 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, pam_usb calls xmlReadFile() with fla...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 6.3	CVE-2026-48980	pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic_CVE-2026-48980 pam_usb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv() environment variables XRDP_SESSION,...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.3	CVE-2026-47847	CVE-2026-47847_CVE-2026-47847 Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication healt...	Bitnami	bitnami/mariadb-galera 10.6.0	Jun 18, 2026	CVE
MEDIUM 5.4	CVE-2026-43915	Coturn: Stored Cross-Site Scripting (XSS) in web-admin interface via TURN username_CVE-2026-43915 Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting (XSS) vulnerabi...	coturn	coturn < 4.11.0	Jun 18, 2026	CVE
MEDIUM 6.1	CVE-2026-44663	OpenEXR: Integer overflow in the HTJ2K decoder leads to heap-buffer-overflow_CVE-2026-44663 OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 t...	AcademySoftwareFoundation	openexr >= 3.4.0, < 3.4.11	Jun 18, 2026	CVE
MEDIUM 6.5	CVE-2026-49205	phpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)_CVE-2026-49205 phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 a...	thorsten	phpMyFAQ < 4.1.4	Jun 18, 2026	CVE