Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.8	CVE-2026-36175	CVE-2026-36175_CVE-2026-36175 An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interr...	n/a	n/a n/a	Jun 4, 2026	CVE
CRITICAL 9.6	CVE-2026-35906	CVE-2026-35906_CVE-2026-35906 An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrar...	T3 Technology	T625Pro, T6825G v1.0.07, v1.0.03	Jun 4, 2026	CVE
MEDIUM 6.9	CVE-2026-7774	tarfile.data_filter path traversal bypass allows writing outside the extraction directory_CVE-2026-7774 tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive ...	Python Software Foundation	CPython	Jun 4, 2026	CVE
HIGH 8.8	CVE-2026-5228	Improper Access Control in Kurt Software Studio’s WriteUp Mobile App_CVE-2026-5228 Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly...	Kurt Software Studio	WriteUp Mobile App 1.3.0	Jun 4, 2026	CVE
LOW 2.1	CVE-2026-45287	OpenTelemetry-Go’s Schema ParseFile leaks file descriptors on each parse_CVE-2026-45287 OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.i...	open-telemetry	go.opentelemetry.io/otel/schema/v1.1 < 0.0.17	Jun 4, 2026	CVE
CRITICAL 9.9	CVE-2026-43986	Tautulli vulnerable to unauthenticated SSRF in /image/ via attacker-seeded image hash replay_CVE-2026-43986 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public `/image/` route that resolv...	Tautulli	Tautulli < 2.17.1	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-41178	OpenTelemetry-Go’s baggage parsing no longer caps raw header length_CVE-2026-41178 OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes `Parse` to proces...	open-telemetry	go.opentelemetry.io/otel/baggage = 1.41.0	Jun 4, 2026	CVE
MEDIUM 5.4	CVE-2026-40930	LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body_CVE-2026-40930 LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inte...	pnggroup	libpng = 1.8.0	Jun 4, 2026	CVE
CRITICAL 9	CVE-2026-10868	MISP user edit endpoint mass assignment vulnerability allows unauthorized user account modification_CVE-2026-10868 A mass assignment vulnerability exists in the MISP user edit functionality due to insufficient filtering of user-supplied fields in UsersController...	misp	misp	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-10815	LakshayD02 Hostel-Management-System-PHP Admin Dashboard index.php authorization_CVE-2026-10815 A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknow...	LakshayD02	Hostel-Management-System-PHP f87e67c283bab6f718faf2fec6ae39a13bd7036b	Jun 4, 2026	CVE