Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.7 CVE-2026-49851

Mistune: Potential DoS via quadratic-time parsing in parse_link_text

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear (a...

lepture mistune < 3.3.0 CVE
MEDIUM 4.3 CVE-2026-48789

AnythingLLM: Windows path containment bypass in document folder route

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Win...

Mintplex-Labs anything-llm < 1.13.0 CVE
HIGH 8.8 CVE-2026-48732

Warp: Remote SSH cwd can lead to unauthorized remote command execution

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2023.03.21.08.02.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48731

Warp: Linux external editor command injection

Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2024.02.20.08.01.stable_01, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.1 CVE-2026-48725

Warp may allow terminal output to access the local clipboard through OSC 52

Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to re...

warpdotdev warp >= 0.2021.04.25.23.05.stable_00, < v0.2026.05.13.09.15.stable_01 CVE
HIGH 8.6 CVE-2026-48721

Warp: Env-var prefixes can lead to denylisted command autoexecution

Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48720

Warp: SSH remote output can lead to local file overwrite and persistence

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337...

warpdotdev warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8 CVE-2026-48719

Warp branch selector command injection via Git branch names

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48704

Warp Markdown notebook links may open executable local files

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...

warpdotdev warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48703

Warp: Command Injection via Warp code search tool arguments

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01 CVE