CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-39897	Cacti has a Reflected XSS Vulnerability via html_auth_footer_CVE-2026-39897 Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the html_aut...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
LOW 2.9	CVE-2026-39894	Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting_CVE-2026-39894 Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtoo...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
CRITICAL 9.8	CVE-2026-39893	Cacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.php_CVE-2026-39893 Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated int...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-2050	GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability_CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitra...	GIMP	GIMP 3.0.6	Jun 24, 2026	CVE
CRITICAL 9.8	CVE-2026-39938	Cacti: Unauthenticated RCE on Graph Image_CVE-2026-39938 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdt...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-39900	Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context_CVE-2026-39900 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in ...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-39899	Cacti: Path Traversal via filename parameter in package_import.php_CVE-2026-39899 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename paramet...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
CRITICAL 9.8	CVE-2026-39955	Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php_CVE-2026-39955 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored ...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
CRITICAL 9.3	CVE-2026-39948	Cacti has SQL Injection via rfilter parameter in RLIKE clauses_CVE-2026-39948 Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via th...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-9787	Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability_CVE-2026-9787 Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute ar...	Quest	NetVault Backup 14.0.0.19	Jun 24, 2026	CVE