CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-4027	FlexNet Manager Suite Attachment File Disclosure_CVE-2026-4027 A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due t...	Flexera	FlexNet Manager Suite 2025 R1	Jun 19, 2026	CVE
HIGH 8.7	CVE-2026-4026	FlexNet Manager Suite Privilege Escalation Vulnerability_CVE-2026-4026 A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 that could allow an authenticated user with read-only access to accou...	Flexera	FlexNet Manager Suite 2025 R1	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-49872	Apache APISIX: Improper authentication in cas-auth plugin_CVE-2026-49872 Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself ...	Apache Software Foundation	Apache APISIX 3.0.0	Jun 19, 2026	CVE
LOW 2.1	CVE-2026-49871	Apache APISIX: cas-auth login CSRF / session injection issue_CVE-2026-49871 Cross-Site Request Forgery (CSRF) vulnerability in the cas-auth plugin under default configurations. This defect allows a remote attacker that man...	Apache Software Foundation	Apache APISIX 3.0.0	Jun 19, 2026	CVE
HIGH 8.8	CVE-2026-49357	Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication_CVE-2026-49357 Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop app...	dtwang	line-desktop-mcp < 1.1.2	Jun 19, 2026	CVE
LOW 2.3	CVE-2026-49231	Apache APISIX: Identity spoofing issue in APISIX opa plugin_CVE-2026-49231 Authentication Bypass by Spoofing vulnerability in opa plugin. An attacker could relay spoofed identity headers to upstream capitalising on non-de...	Apache Software Foundation	Apache APISIX 3.5.0	Jun 19, 2026	CVE
MEDIUM 6.3	CVE-2026-49230	Apache APISIX: Authentication bypass in jwe-decrypt_CVE-2026-49230 Improper Validation of Integrity Check Value vulnerability in Apache APISIX. The jwe-decrypt plugin under default configuration is vulnerable to a...	Apache Software Foundation	Apache APISIX 3.8.0	Jun 19, 2026	CVE
LOW 2.1	CVE-2026-48895	Apache APISIX: Cas-auth Host header influence on CAS service URL_CVE-2026-48895 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The attacker could manipulate some client headers to perform a...	Apache Software Foundation	Apache APISIX 3.0.0	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-48141	Memory leak in NI grpc-device BeginSidebandStream_CVE-2026-48141 There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-d...	NI	grpc-device	Jun 19, 2026	CVE
MEDIUM 6.5	CVE-2026-48140	Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream_CVE-2026-48140 There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and u...	NI	grpc-device	Jun 19, 2026	CVE