Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.7 CVE-2026-45431

Command Injection Vulnerability in GX Earth ONT Models_CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web manage...

GX INDIA GX Earth 2022 version E2022 - 3.1.2A CVE
HIGH 7.2 CVE-2026-10843

Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws_CVE-2026-10843

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide ...

Red Hat Red Hat OpenShift Container Platform 4 CVE
CRITICAL 9.6 CVE-2026-10840

Openshift-pipelines-operator-rh: openshift-pipelines-operator: tekton-scheduler-rolebinding grants system:authenticated write access to kueue and cert-manager resources_CVE-2026-10840

A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group wri...

Red Hat Builds for Red Hat OpenShift CVE
LOW 2 CVE-2026-10804

Streamlit Palette hashing.py weak hash_CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py o...

n/a Streamlit 1.0 CVE
LOW 2 CVE-2026-10803

MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash_CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of t...

n/a MLflow 3.0 CVE
MEDIUM 5.3 CVE-2026-10802

keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption_CVE-2026-10802

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/co...

keystonejs keystone 20260319 CVE
HIGH 7.1 CVE-2025-52612

HCL iControl was affected by Export CSV – CSV Injection vulnerability._CVE-2025-52612

HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was...

HCL iControl 4.0.0 CVE
LOW 3.1 CVE-2025-52611

HCL iControl was affected by Unhandled Exception – Stack Trace Disclosure vulnerability_CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being...

HCL iControl 4.0.0 CVE
LOW 3.7 CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability._CVE-2025-52609

HCL iControl was affected by Missing Security Headers vulnerability, which leads to cross-site scripting (XSS) attacks by enabling the built-in XSS ...

HCL iControl 4.0.0 CVE
LOW 3.1 CVE-2025-52608

HCL iControl was affected by Missing Cookie Attributes vulnerability._CVE-2025-52608

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attr...

HCL iControl 4.0.0 CVE