Recent Advisories

Each entry lists: Severity (CVSS score), ID, Vendor / Product (affected versions), Type, followed by the advisory title and the opening of its description (descriptions are truncated in the listing).

HIGH (7.7)  CVE-2026-54322  daytonaio / daytona < 0.185.0  Type: CVE
  Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org’s roles
  Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organizatio...

HIGH (7.0)  CVE-2026-54321  daytonaio / daytona >= 0.101.0, < 0.184.0  Type: CVE
  Daytona: Public sandbox previews remain accessible for up to one hour after being made private
  Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox pre...

HIGH (8.4)  CVE-2026-54320  daytonaio / daytona < 0.184.0  Type: CVE
  Daytona: Cross-tenant organization takeover via invitation acceptance with an unverified email
  Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitati...

MEDIUM (4.2)  CVE-2026-54319  daytonaio / daytona < 0.186  Type: CVE
  Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape
  Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume refere...

HIGH (8.6)  CVE-2026-53755  unclecode / crawl4ai < 0.8.9  Type: CVE
  Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check
  Crawl4AI is an open-source LLM-friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the craw...

HIGH (7.5)  CVE-2026-53754  unclecode / crawl4ai < 0.8.8  Type: CVE
  Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)
  Crawl4AI is an open-source LLM-friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / vali...

CRITICAL (9.8)  CVE-2026-53753  unclecode / crawl4ai < 0.8.7  Type: CVE
  Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain – Pre-Auth RCE in Docker API
  Crawl4AI is an open-source LLM-friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature ...

MEDIUM (5.9)  CVE-2026-54762  traefik / traefik >= 3.7.0-ea.1, < 3.7.5  Type: CVE
  Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails
  Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes I...

MEDIUM (6.0)  CVE-2026-54761  traefik / traefik < 3.6.21  Type: CVE
  Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services
  Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gatew...

HIGH (7.8)  CVE-2026-54555  rtk-ai / rtk < 0.42.2  Type: CVE
  rtk: Permission-gate bypass in rtk rewrite auto-allow via unsplit shell separators
  rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively spli...