exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8	CVE-2026-54030	LibreChat: Missing Resource Parameter Validation in MCP OAuth Flow_CVE-2026-54030 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate ...	danny-avila	LibreChat < 0.8.5	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-54029	LibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter_CVE-2026-54029 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId...	danny-avila	LibreChat < 0.8.4-rc1	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-54027	LibreChat: Image Upload Route Bypasses Agent Permission Check — Incomplete Fix for File Upload Authorization_CVE-2026-54027 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any auth...	danny-avila	LibreChat < 0.8.4-rc1	Jun 25, 2026	CVE
MEDIUM 5.4	CVE-2026-54025	LibreChat: Stored XSS via unescaped image alt text in markdown artifact preview_CVE-2026-54025 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability in LibreChat's markdown ar...	danny-avila	LibreChat < 0.8.4-rc1	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-54024	LibreChat: Incomplete Fix for CVE-2024-11171 — Conversation Import Multer Instance Missing File Size Limits_CVE-2026-54024 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2024-11171 (commit bb58a2d0) added ...	danny-avila	LibreChat < 0.8.4-rc1	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-45233	HTMLy CMS 3.1.1 Path Traversal via oldfile Parameter in Autosave_CVE-2026-45233 HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by s...	danpros	htmly	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-13351	net: Maliciously fragmented IPv6 packets can prevent receiving/processing future incoming packets_CVE-2026-13351 Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragment...	zephyrproject-rtos	Zephyr *	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-13350	CVE-2026-13350_CVE-2026-13350 Permissions where checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.	pretix	Venueless 0.0.0	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-6291	Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption_CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-6094	Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData_CVE-2026-6094 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-su...	wolfSSL	wolfSSL 5.8.0	Jun 25, 2026	CVE