Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.7 CVE-2026-47170

Garlic-Hub: SSRF vulnerability in uploadFromUrl endpoint

Garlic-Hub manages a digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authentic...

garlic-signage garlic-hub < 1.1 CVE
HIGH 7.5 CVE-2026-47169

Quest Bot: Manage Server users can configure AutoRole to grant Administrator to controlled joining accounts

Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / Mana...

duck-organization quest-bot < 1.0.3 CVE
MEDIUM 5.1 CVE-2026-47167

Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch() in the cucumber ...

vim vim < 9.2.0496 CVE
HIGH 7.2 CVE-2026-47163

Quest Bot: Unprivileged users can create and remove AutoMod rules

Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke ...

duck-organization quest-bot < 1.0.1 CVE
HIGH 7.3 CVE-2026-47162

Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave(...

vim vim < 9.2.0495 CVE
HIGH 8.8 CVE-2026-46519

mcp-server-kubernetes Affected By Tool Access Control Bypass: Presentation-Layer Filtering Without Execution-Layer Enforcement

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes t...

Flux159 mcp-server-kubernetes < 3.6.0 CVE
HIGH 8.4 CVE-2026-45178

Idira Secrets Manager Self-Hosted: Improper Access Control in Internal Cluster Endpoints

Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authentica...

CyberArk Software, a Palo Alto Networks Company Conjur Enterprise 13.0 CVE
CRITICAL 9.1 CVE-2026-45177

Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unau...

CyberArk Software, a Palo Alto Networks Company Conjur Cloud (Edge Finding only) 1.0 CVE
HIGH 8.9 CVE-2026-45176

Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low...

CyberArk Software, a Palo Alto Networks Company Idira Endpoint Privilege Manager 26.0 CVE
HIGH 7.6 CVE-2026-11774

389-ds-base: 389-ds-base: integer overflow in sasl packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) ...

Red Hat Red Hat Directory Server 11 CVE