Recent Advisories

| Severity | Score | ID | Title | Vendor | Product | Affected versions | Type | Summary |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| MEDIUM | 5.4 | CVE-2026-46550 | NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags | nocodb | nocodb | < 2026.04.1 | CVE | NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing bot... |
| LOW | 2 | CVE-2026-46549 | NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation | nocodb | nocodb | < 2026.04.1 | CVE | NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauth_scope and oauth_granted_reso... |
| MEDIUM | 4.3 | CVE-2026-46548 | NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams) | nocodb | nocodb | < 2026.04.1 | CVE | NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in th... |
| MEDIUM | 6.1 | CVE-2026-46547 | NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL | nocodb | nocodb | < 2026.04.1 | CVE | NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, a reflected XSS vulnerability exists in the Page Leaving Warning pag... |
| HIGH | 8.8 | CVE-2026-41862 | CVE-2026-41862 | Spring | Spring Statemachine | 4.0.0 | CVE | Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enfo... |
| MEDIUM | 6.5 | CVE-2026-54518 | jackson-databind: @JsonView bypass for unwrapped creator parameters in jackson-databind | FasterXML | jackson-databind | >= 2.21.0, < 2.21.4 | CVE | jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.... |
| HIGH | 8.4 | CVE-2026-56785 | FlatPress – Stored Cross-Site Scripting via Unescaped Comment and Contact Form Fields | FlatPress | FlatPress | | CVE | FlatPress versions prior to commit 10be83c contain a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and ... |
| CRITICAL | 9.6 | CVE-2026-54588 | Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction | poweradmin | poweradmin | < 4.2.4 | CVE | Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` re... |
| MEDIUM | 5.5 | CVE-2026-48493 | Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment | grokability | snipe-it | < 8.6.0 | CVE | Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their... |
| MEDIUM | 6.9 | CVE-2026-47693 | Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications | poweradmin | poweradmin | < 4.2.4 | CVE | Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula I... |