exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.4	CVE-2026-47778	Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)_CVE-2026-47778 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural f...	envoyproxy	envoy >= 1.38.0, < 1.38.1	Jun 26, 2026	CVE
MEDIUM 6.8	CVE-2026-47775	Envoy OAuth2 Filter: Padding Oracle via AES-256-CBC Cookie Decryption_CVE-2026-47775 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTT...	envoyproxy	envoy >= 1.38.0, < 1.38.1	Jun 26, 2026	CVE
MEDIUM 4.8	CVE-2026-47692	Envoy: PROXY Protocol v2 header generator emits “skipped” TLVs, causing 65 KB attacker-controlled spillover into the upstream application stream_CVE-2026-47692 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-47221	Envoy: Null pointer deref in internal redirects_CVE-2026-47221 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the r...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-47207	Envoy crashes if multiple unexpected ext_proc responses are packed into one gRPC message_CVE-2026-47207 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-47204	Envoy: grpc_stats filter segfault on Connect protocol requests to direct_response routes_CVE-2026-47204 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the e...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-54753	Nx: `nx graph` dev server permissive CORS policy_CVE-2026-54753 Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx gr...	nrwl	nx >= 17.0.4, < 22.7.2	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-48090	Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)_CVE-2026-48090 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter ...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-47220	Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format_CVE-2026-47220 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SER...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-47205	Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides_CVE-2026-47205 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Fr...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE