CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.3	CVE-2026-12986	CVE-2026-12986_CVE-2026-12986 A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attac...	Payara	Payara Server 7.2025.1	Jun 24, 2026	CVE
HIGH 8.2	CVE-2026-11878	Reflected Cross-Site Scripting vulnerability in OpenText Access Manager_CVE-2026-11878 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText Access Manager allows Cross-Site Scr...	OpenText	Access Manager 5.1	Jun 24, 2026	CVE
MEDIUM 6.3	CVE-2026-11877	Missing Authorization Vulnerability in OpenText Access Manager_CVE-2026-11877 An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before ...	OpenText	Access Manager 5.1	Jun 24, 2026	CVE
CRITICAL 9.3	CVE-2026-56121	Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization_CVE-2026-56121 Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code e...	feast-dev	feast	Jun 24, 2026	CVE
HIGH 8.3	CVE-2026-56111	Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler_CVE-2026-56111 Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability ...	MarlinFirmware	Marlin	Jun 24, 2026	CVE
HIGH 7.7	CVE-2026-55488	motionEye’s Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read_CVE-2026-55488 motionEye (mEye) is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versi...	motioneye-project	motioneye < 0.44.0	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50712	Frappe Framework 17.0.0-dev – Stored XSS in Tree View node label rendering_CVE-2026-50712 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50711	Frappe Framework 17.0.0-dev – Stored XSS in Number Card filter fields rendering_CVE-2026-50711 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50710	Frappe Framework 17.0.0-dev – Stored XSS via eval in Number Card filters_config_CVE-2026-50710 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50709	Frappe Framework 17.0.0-dev – Stored XSS in Notifications Events color rendering_CVE-2026-50709 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE