CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-56121	Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization_CVE-2026-56121 Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code e...	feast-dev	feast	Jun 24, 2026	CVE
HIGH 8.3	CVE-2026-56111	Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler_CVE-2026-56111 Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability ...	MarlinFirmware	Marlin	Jun 24, 2026	CVE
HIGH 7.7	CVE-2026-55488	motionEye’s Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read_CVE-2026-55488 motionEye (mEye) is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versi...	motioneye-project	motioneye < 0.44.0	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50712	Frappe Framework 17.0.0-dev – Stored XSS in Tree View node label rendering_CVE-2026-50712 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50711	Frappe Framework 17.0.0-dev – Stored XSS in Number Card filter fields rendering_CVE-2026-50711 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50710	Frappe Framework 17.0.0-dev – Stored XSS via eval in Number Card filters_config_CVE-2026-50710 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50709	Frappe Framework 17.0.0-dev – Stored XSS in Notifications Events color rendering_CVE-2026-50709 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50708	Frappe Framework 17.0.0-dev – Stored XSS in Multi Select Dialog result rendering_CVE-2026-50708 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50705	Frappe Framework 17.0.0-dev – Stored XSS in Form Dashboard headline rendering_CVE-2026-50705 A Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the F...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50704	Frappe Framework 17.0.0-dev – Reflected/Stored XSS in File View breadcrumbs rendering_CVE-2026-50704 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE