Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-48732

Warp: Remote SSH cwd can lead to unauthorized remote command execution

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2023.03.21.08.02.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48731

Warp: Linux external editor command injection

Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2024.02.20.08.01.stable_01, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.1 CVE-2026-48725

Warp may allow terminal output to access the local clipboard through OSC 52

Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to re...

warpdotdev warp >= 0.2021.04.25.23.05.stable_00, < v0.2026.05.13.09.15.stable_01 CVE
HIGH 8.6 CVE-2026-48721

Warp: Env-var prefixes can lead to denylisted command autoexecution

Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48720

Warp: SSH remote output can lead to local file overwrite and persistence

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337...

warpdotdev warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8 CVE-2026-48719

Warp branch selector command injection via Git branch names

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48704

Warp Markdown notebook links may open executable local files

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...

warpdotdev warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48703

Warp: Command Injection via Warp code search tool arguments

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
MEDIUM 5.5 CVE-2026-44022

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....

docling-project docling >= 2.73.0, < 2.91.0 CVE
HIGH 7.5 CVE-2026-44020

Docling: Unsafe XML Entity Expansion in USPTO Patent Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2....

docling-project docling >= 2.13.0, < 2.74.0 CVE