CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2025-67446	CVE-2025-67446_CVE-2025-67446 Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cook...	Neterbit	NW-431F Router 20241014-IR03 and before	Jun 4, 2026	CVE
HIGH 7.4	CVE-2026-50292	CVE-2026-50292_CVE-2026-50292 In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary roo...	freedesktop	libinput	Jun 4, 2026	CVE
MEDIUM 6.8	CVE-2026-48040	netty-incubator-codec-ohttp’s Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access_CVE-2026-48040 The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP (RFC 9458) using BoringSSL's HPKE C li...	netty	netty-incubator-codec-ohttp < 0.0.22.Final	Jun 4, 2026	CVE
MEDIUM 5.4	CVE-2026-42547	IRIS Alerts Can be Falsely Attributed to Customers_CVE-2026-42547 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, use...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
MEDIUM 4.3	CVE-2026-42543	IRIS has a Cross-Site Request Forgery (CSRF) issue_CVE-2026-42543 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vul...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
MEDIUM 4.3	CVE-2026-42540	IRIS has a Mass Assignment issue_CVE-2026-42540 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
MEDIUM 6.5	CVE-2026-42539	IRIS has an Excessive Data Exposure issue_CVE-2026-42539 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return ...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
HIGH 7.4	CVE-2026-44393	CVE-2026-44393_CVE-2026-44393 An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verifica...	n/a	n/a n/a	Jun 4, 2026	CVE
HIGH 8.8	CVE-2026-43985	Taultulli has CSRF in /configUpdate via missing anti-CSRF and method restriction that allows admin credential takeover_CVE-2026-43985 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `configUpdate` as a state-changing a...	Tautulli	Tautulli < 2.17.1	Jun 4, 2026	CVE
HIGH 8.9	CVE-2026-43984	Tautulli has stored XSS in logFile via guest-controlled log_js_errors input_CVE-2026-43984 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `log_js_errors` to any authenticated...	Tautulli	Tautulli < 2.17.1	Jun 4, 2026	CVE