CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-52725	Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)_CVE-2026-52725 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 22.0.0-next.0 < 22.0.0-rc.2	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-50557	Angular: Template and Attribute Namespace Sanitization Bypass (XSS)_CVE-2026-50557 Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...	angular	angular >= 21.0.0-next.0 < 21.2.15	Jun 22, 2026	CVE
HIGH 8.7	CVE-2026-50178	Angular: Remote Code Execution via JSDoc Hover Command Injection in VS Code Angular Language Service Extension_CVE-2026-50178 The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service V...	angular	angular < 21.2.4	Jun 22, 2026	CVE
HIGH 8.7	CVE-2026-49241	Angular: Multiple Remote Code Execution Vulnerabilities in Angular Language Service VS Code Extension_CVE-2026-49241 The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular L...	angular	angular < 21.2.4	Jun 22, 2026	CVE
HIGH 8.4	CVE-2026-41049	Caching of Authentication allows Authentication Bypass between users in qSnapper_CVE-2026-41049 Incorrect caching of authentication between different users of the qSnapper dbus service before version 1.3.3 allowed any local attacker to use db...	presire	qSnapper 1.2.1	Jun 22, 2026	CVE
HIGH 8.4	CVE-2026-41048	Caching of Authentication allows Authentication Bypass in qSnapper_CVE-2026-41048 Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions lik...	presire	qSnapper 1.2.1	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-41047	Information leak via “diff” methods in qSnapper_CVE-2026-41047 Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read pro...	presire	qSnapper	Jun 22, 2026	CVE
HIGH 7.3	CVE-2026-41046	path traversal via `config` parameter in qSnapper_CVE-2026-41046 A path traversal attack when using a "configName" parameter in qSnapper before version 1.3.3 allowed a local attacker to use malicious config files...	presire	qSnapper	Jun 22, 2026	CVE
HIGH 8.1	CVE-2026-41045	Weak polkit authentication check in qSnapper_CVE-2026-41045 A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication m...	presire	qSnapper	Jun 22, 2026	CVE
MEDIUM 5.9	CVE-2026-12725	Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies_CVE-2026-12725 A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies conta...	Red Hat	Red Hat Enterprise Linux 10	Jun 22, 2026	CVE