CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-45778	Open XDMoD Vulnerable to Reflected Cross-Site Scripting (XSS) in Password Reset_CVE-2026-45778 OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, an authenticated attacker can inject malicious Ja...	ubccr	xdmod < 11.0.3	Jun 5, 2026	CVE
CRITICAL 9.3	CVE-2026-45777	Open XDMoD Vulnerable to Unauthenticated Remote Code Execution (RCE) via OS Command Injection_CVE-2026-45777 OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can rem...	ubccr	xdmod >= 9.5.0, < 11.0.3	Jun 5, 2026	CVE
CRITICAL 9.6	CVE-2026-45758	Malicious code in guardrails-ai 0.10.1 (supply chain compromise)_CVE-2026-45758 Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a mal...	guardrails-ai	guardrails = 0.10.1	Jun 5, 2026	CVE
HIGH 7.4	CVE-2026-45300	async-http-client: Cookie header not stripped on cross-origin redirect_CVE-2026-45300 The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on t...	AsyncHttpClient	async-http-client >= 3.0.0.Beta1, < 3.0.10	Jun 5, 2026	CVE
MEDIUM 5.7	CVE-2026-25624	Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting_CVE-2026-25624 An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Ari...	Arista Networks	Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)	Jun 5, 2026	CVE
MEDIUM 6	CVE-2026-25623	Arista Edge Threat Management NGFW UI Arbitrary Command Execution_CVE-2026-25623 An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Genera...	Arista Networks	Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)	Jun 5, 2026	CVE
MEDIUM 6	CVE-2026-25622	Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection_CVE-2026-25622 A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). O...	Arista Networks	Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)	Jun 5, 2026	CVE
MEDIUM 6	CVE-2026-25621	Arista Edge Threat Management NGFW Reports Application Insecure Input Validation_CVE-2026-25621 A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure...	Arista Networks	Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) 17.4.0	Jun 5, 2026	CVE
MEDIUM 6	CVE-2026-25620	Arista Edge Threat Management NGFW Captive Portal Encrypted Password Command Injection_CVE-2026-25620 An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista ...	Arista Networks	Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) 17.4.0	Jun 5, 2026	CVE
CRITICAL 10	CVE-2026-11420	Path Traversal in Altium Enterprise Server NIS Allows Unauthenticated Arbitrary File Write and File Read_CVE-2026-11420 Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker ...	Altium	Altium Enterprise Server	Jun 5, 2026	CVE