Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-49346	libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...	strukturag	libde265 < 1.1.0	Jun 19, 2026	CVE
MEDIUM 4.3	CVE-2026-49337	libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_...	strukturag	libde265 < 1.0.20	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-49295	libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds a...	strukturag	libde265 < 1.0.20	Jun 19, 2026	CVE
LOW 1.3	CVE-2026-48794	Authelia has an Edge Case Access Control Rule Mismatch_CVE-2026-48794 Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...	authelia	authelia >= 4.36.0, < 4.39.20	Jun 19, 2026	CVE
MEDIUM 6.5	CVE-2026-48129	Kestra task inputFiles accepts traversal filenames for worker file writes_CVE-2026-48129 Kestra is an open-source, event-driven orchestration platform. Prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, Kestra task `inputFiles` write...	kestra-io	kestra < 1.0.43	Jun 19, 2026	CVE
LOW 2.9	CVE-2026-47203	Authelia Missing Username Canonicalization in Basic Auth (LDAP)_CVE-2026-47203 Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...	authelia	authelia >= 4.38.0, < 4.39.20	Jun 19, 2026	CVE
MEDIUM 6.5	CVE-2026-50519	Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability_CVE-2026-50519 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:28:35.395Z”,&#82...	Microsoft	GitHub Copilot Chat 1.0.0	Jun 19, 2026	CVE
CRITICAL 9.9	CVE-2026-48584	Microsoft Azure Synapse Elevation of Privilege Vulnerability_CVE-2026-48584 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:27:48.494Z”,&#82...	Microsoft	Azure Synapse -	Jun 19, 2026	CVE
CRITICAL 9.6	CVE-2026-48582	Microsoft Exchange Online Elevation of Privilege Vulnerability_CVE-2026-48582 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:29:41.615Z”,&#82...	Microsoft	Microsoft Exchange Online -	Jun 19, 2026	CVE
HIGH 8.8	CVE-2026-47645	Microsoft 365 Copilot’s Business Chat Elevation of Privilege Vulnerability_CVE-2026-47645 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:29:42.232Z”,&#82...	Microsoft	Microsoft 365 Copilot -	Jun 19, 2026	CVE