exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-50221	CVE-2026-50221_CVE-2026-50221 In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers (X-Container-Host, X-Container-Device, X-Delete-At-Host, X-De...	OpenStack	Swift 2.0.0	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49983	Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access_CVE-2026-49983 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with ...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49860	Deno: WebSocket API sandbox bypass via missing post-DNS check_CVE-2026-49860 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hos...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 5.2	CVE-2026-49859	Deno: `fetch()` API sandbox bypass via missing DNS resolution check_CVE-2026-49859 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against -...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
HIGH 7.4	CVE-2026-49440	Deno: Miller-Rabin Primality Test Allows Zero Rounds_CVE-2026-49440 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrime(candidate[, options][, callback]) and crypto.chec...	denoland	deno < 2.8.1	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-49411	Deno Node TCPWrap numeric hostname aliases bypass –deny-net resolved-IP deny checks_CVE-2026-49411 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the or...	denoland	deno < 2.8.0	Jun 23, 2026	CVE
MEDIUM 5.5	CVE-2026-49406	Deno: BYONM module resolution allows `package.json` main path traversal to bypass `–allow-read` restrictions_CVE-2026-49406 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode (nodeModulesDir: "manual"), the module ...	denoland	deno < 2.7.12	Jun 23, 2026	CVE
HIGH 8.1	CVE-2026-49402	Deno: Command Injection via spawnSync & spawn on Windows_CVE-2026-49402 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() h...	denoland	deno < 2.7.10	Jun 23, 2026	CVE
HIGH 7.3	CVE-2026-49401	Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)_CVE-2026-49401 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions...	denoland	deno < 2.7.14	Jun 23, 2026	CVE
HIGH 7.4	CVE-2026-44726	Deno: TLS retry copies stale upgrade hook, risking plaintext traffic_CVE-2026-44726 Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a T...	denoland	deno >= 2.0.0, < 2.7.8	Jun 23, 2026	CVE