tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-56367	ImageMagick – Heap Out-of-Bounds Read in PSB RLE Decoding_CVE-2026-56367 ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in cod...	ImageMagick	ImageMagick	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-56316	Cap-go – Job Existence Oracle via Unauthenticated OPTIONS /build/upload/:jobId/_CVE-2026-56316 Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated ...	Cap-go	capgo	Jun 21, 2026	CVE
MEDIUM 6.9	CVE-2026-56299	Capgo – Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint_CVE-2026-56299 Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers ...	Capgo	Capgo	Jun 21, 2026	CVE
CRITICAL 9.3	CVE-2026-56265	Crawl4AI – Authentication Bypass via Hardcoded JWT Signing Key_CVE-2026-56265 Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attacker...	Crawl4AI	Crawl4AI	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56253	Capgo – Unauthenticated Organization Member Email Disclosure via get_org_members RPC_CVE-2026-56253 Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated atta...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7	CVE-2026-56251	Capgo – Privilege Escalation via Broken Row Level Security in org_users_CVE-2026-56251 Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56242	Capgo – Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC_CVE-2026-56242 Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for suppli...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.2	CVE-2026-56239	Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage_CVE-2026-56239 Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which pe...	Capgo	Capgo	Jun 21, 2026	CVE
MEDIUM 6.8	CVE-2026-56236	Capgo CLI – Arbitrary File Overwrite via Symlink-Following in Local Credential Operations_CVE-2026-56236 Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without ...	capgo	cli	Jun 21, 2026	CVE
HIGH 7.1	CVE-2026-56229	Capgo – Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs_CVE-2026-56229 Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access...	Capgo	Capgo	Jun 21, 2026	CVE