Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-56235	Capgo – Unauthenticated Cross-Tenant Metrics Disclosure via RPC Functions_CVE-2026-56235 Cap-go capgo before 12.128.2 contains an authorization bypass in several Supabase PostgREST RPC functions (get_app_metrics, get_global_metrics, get...	Cap-go	capgo	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56228	Capgo – Denial of Service via Improper Password Policy Length Validation_CVE-2026-56228 Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated ...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 5.3	CVE-2026-56227	Capgo – Server-Side Request Forgery via Webhook URL Validation_CVE-2026-56227 Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. O...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56218	Capgo – EXIF Metadata Exposure via Image Upload_CVE-2026-56218 Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers ...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 5.1	CVE-2025-71331	Flowise – Cross-Site Scripting in Chat Messages and Agent Workflows_CVE-2025-71331 Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent f...	Flowise	Flowise	Jun 20, 2026	CVE
CRITICAL 9.9	CVE-2026-5366	Git Argument Injection in prefecthq/prefect_CVE-2026-5366 Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage clas...	prefecthq	prefecthq/prefect unspecified	Jun 20, 2026	CVE
HIGH 8.2	90EC8998-FB96-	explotability_analysis_ebpf_90EC8998-FB96-54C8-B382-EB8D24257354 eBPF Verifier Exploit Research — s344024 Romano Simone Research project for the Security Verification and Testing SVT course — analysis and exploit...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
CRITICAL 9.8	51654478-7539-	Exploit for OS Command Injection in Redhat Openshift_Container_Platform_51654478-7539-5748-ADF6-E1E5CD131F2F CVE-2026-4480-PoC...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	7D09A83C-C6CD-	browserlover_7D09A83C-C6CD-5EFA-9E1F-FE28400B2E1F No description provided...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
LOW 2.3	CVE-2026-56325	Capgo – App ID Confusion via ILIKE Wildcard in Preview Subdomain Lookup_CVE-2026-56325 Capgo before 12.128.2 uses ILIKE pattern matching instead of exact matching for app_id lookup in the preview subdomain resolver, allowing underscor...	Capgo	Capgo	Jun 20, 2026	CVE