LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2026-8432	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()_CVE-2026-8432 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star(). The Concrete CMS securi...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8427	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id)_CVE-2026-8427 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id). The ...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8416	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id)_CVE-2026-8416 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id). The Con...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8415	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder_CVE-2026-8415 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder. The Conc...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8414	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate_CVE-2026-8414 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate. The Concrete CMS sec...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8413	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design_CVE-2026-8413 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design. The Concrete CMS se...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8412	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache_CVE-2026-8412 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS se...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8411	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete_CVE-2026-8411 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. The Concrete CMS se...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-8410	Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete_CVE-2026-8410 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete. The The Concrete C...	Concrete CMS	Concrete CMS 9.0	May 21, 2026	CVE
LOW 2.3	CVE-2026-7887	For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status_CVE-2026-7887 For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 (suspended, banned, termina...	Concrete CMS	Concrete CMS 5.0	May 21, 2026	CVE