CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2026-11752	CVE-2026-11752_CVE-2026-11752 A vulnerability has been identified in armeria-xds versions 1.38.0 through 1.39.0, where DataSourceStream in the xDS module can resolve control-pla...	LY Corporation	Armeria 1.38.0	Jun 19, 2026	CVE
MEDIUM 5.1	CVE-2026-10720	MicroCeph path traversal issue in the remote-import API_CVE-2026-10720 Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trus...	Canonical	Microceph 19.2.1+snap74c0060321	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-10034	WP DSGVO Tools (GDPR) <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure via subject-access-request AJAX Endpoint (process_now/is_ajax Parameters)_CVE-2026-10034 The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.39. This is due to t...	legalweb	WP DSGVO Tools (GDPR)	Jun 19, 2026	CVE
HIGH 8.6	CVE-2025-7737	DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform_CVE-2025-7737 DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E990, E1090, E...	Hitachi	Hitachi Virtual Storage Platform E990, E1090, E1090H	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-6798	2Download Connector for 2DL Hosted Checkout <= 0.1.5 - Missing Authorization to Unauthenticated Sensitive Customer Subscription Data Exposure via 'ToDownload_email' Parameter_CVE-2026-6798 The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 0.1...	2download	2Download Connector for 2DL Hosted Checkout	Jun 19, 2026	CVE
HIGH 7.8	CVE-2026-46461	CVE-2026-46461_CVE-2026-46461 Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local acce...	Dell	Server Hardware Manager	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-3640	STRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API Endpoint_CVE-2026-3640 The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin r...	strablengineering	STRABL – A checkout solution	Jun 19, 2026	CVE
MEDIUM 5.6	CVE-2026-8296	CVE-2026-8296_CVE-2026-8296 In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting Payload via artifacts.	Octopus Deploy	Octopus Server 2023.0.0	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-56138	Authenticated Path Traversal in AIL framework /objects/item/diff Allows Reading Gzip-Compressed Files_CVE-2026-56138 AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and ...	ail-project	ail-framework	Jun 19, 2026	CVE
HIGH 7.5	CVE-2026-11576	CVE-2026-11576_CVE-2026-11576 The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup labe...	Eclipse Foundation	Eclipse ThreadX - NetX Duo 6.4.2	Jun 19, 2026	CVE