tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	QUALYSBLOG:FAEE...	What Changed in OWASP Top 10 2025 and Recommendations for Each Category_QUALYSBLOG:FAEEFB8C63E738452101F3466498A8D5 ##### Key Takeaways * The 2025 list introduces two new categories – Software Supply Chain Failures (A03) and Mishandling of Exceptional Conditi...	N/A	N/A	Jun 15, 2026	QUALYSBLOG
CRITICAL 9.8	CVE-2026-41157	GPU DDK – OOB Write in CalculateNPOTTwiddleSparsePageMap3D_CVE-2026-41157 A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space...	Imagination Technologies	Graphics DDK 1.18 RTM, 23.2 RTM, 24.2 RTM, 25.1 RTM, 26.1 RTM	Jun 12, 2026	CVE
LOW 3.4	CVE-2026-9062	Agile Store Locator < 1.6.9 - Admin+ Arbitrary File Read via Path Traversal_CVE-2026-9062 The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such a...	Unknown	Store Locator WordPress	Jun 13, 2026	CVE
LOW 3.5	CVE-2026-9061	Agile Store Locator < 1.6.9 - Admin+ Stored XSS via logo_name_CVE-2026-9061 The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata before storing it and outputting it on the Store L...	Unknown	Store Locator WordPress	Jun 13, 2026	CVE
MEDIUM 5.4	CVE-2026-9278	Form Builder CP < 1.2.47 - Editor+ Stored XSS via form_structure_CVE-2026-9278 The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of ...	Unknown	Form Builder CP	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-9863	Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability_CVE-2026-9863 Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installation...	Fortra	Core Privileged Access Manager (BoKS) boks-server 8.1.0.0	Jun 15, 2026	CVE
CRITICAL 9.8	CVE-2026-9862	Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability_CVE-2026-9862 Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker ...	Fortra	Core Privileged Access Manager (BoKS) boks-server 8.1.0.0	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-9595	webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies_CVE-2026-9595 Impact: When a user-configured proxy on webpack-dev-server has a broad context (e.g. /) and ws: true, it also intercepts the dev server's own HMR W...	webpack-dev-server	webpack-dev-server	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-8683	Overly long URLs crash the Mattermost Desktop App_CVE-2026-8683 Mattermost Desktop App versions	Mattermost	Mattermost	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-5038	multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads_CVE-2026-5038 Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malf...	multer	multer 2.0.0-alpha.1	Jun 15, 2026	CVE