CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	MS:CVE-2026-12466	CVE-2026-12466 Heap buffer overflow in WebRTC_MS:CVE-2026-12466 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
NONE	SCHNEIER:488EA6...	Friday Squid Blogging: Victims of Unregulated Squid Fishing_SCHNEIER:488EA6640AADC6C49C93CC00BF303B57 Dolphins, sharks, turtles, and human workers are all victims of unregulated squid fishing fleets. Another news article. As usual, you can also us...	N/A	N/A	Jun 19, 2026	SCHNEIER
MEDIUM 5.3	CVE-2026-49345	Mercator CVE Configuration Vulnerable to Server-Side Request Forgery (SSRF)_CVE-2026-49345 Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Server-Side Request Forge...	sourcentis	mercator < 2025.05.19	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-49344	Mercator has a Personal Identifiable Information Leak from Query Executor feature_CVE-2026-49344 Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, Mercator's Query Engine (`/...	sourcentis	mercator < 2025.05.19	Jun 19, 2026	CVE
MEDIUM 5.3	CVE-2026-49342	YARD static cache reads raw traversal paths before router sanitization_CVE-2026-49342 YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path...	lsegal	yard < 0.9.44	Jun 19, 2026	CVE
HIGH 7.4	CVE-2026-48787	gin-vue-admin vulnerable to RCE_CVE-2026-48787 gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature ...	flipped-aurora	gin-vue-admin = 2.9.1	Jun 19, 2026	CVE
HIGH 7.5	CVE-2026-48774	ProxySQL MCP run_sql_readonly executes side-effecting MySQL multi-statements despite read-only contract_CVE-2026-48774 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP `run_sql_readonly` tool v...	sysown	proxysql >= 3.0.6, < 3.0.9	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-48773	ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling_CVE-2026-48773 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption ...	sysown	proxysql >= 2.0.18, < 3.0.9	Jun 19, 2026	CVE
CRITICAL 10	CVE-2026-48772	ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL_CVE-2026-48772 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY...	sysown	proxysql >= 2.0.0, < 3.0.9	Jun 19, 2026	CVE
HIGH 7.7	CVE-2026-48715	radvdump’s Route Information Option Parser has a Stack Buffer Overflow_CVE-2026-48715 radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow ...	radvd-project	radvdump < 2.21	Jun 19, 2026	CVE