Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-47204	Envoy: grpc_stats filter segfault on Connect protocol requests to direct_response routes_CVE-2026-47204 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the e...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-54753	Nx: `nx graph` dev server permissive CORS policy_CVE-2026-54753 Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx gr...	nrwl	nx >= 17.0.4, < 22.7.2	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-48090	Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)_CVE-2026-48090 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter ...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-47220	Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format_CVE-2026-47220 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SER...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-47205	Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides_CVE-2026-47205 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Fr...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
NONE	5A30AF6D-A3F1-	MamaBaohe-ERP-SQLi_5A30AF6D-A3F1-5C05-9042-C5ED3EF4AAB8 MamaBaohe ERP Management Cloud Platform SQL Injection Overview \| Field \| Value \| \|-------\|-------\| \| Product \| Maternal and Child Health ERP Manage...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	C1779145-9574-	Exploit for OS Command Injection in Cacti_C1779145-9574-5457-B610-1891430BF6B2 CVE-2026-39938: Cacti " 3.2 Execute the Code by Including Log File bash curl -k -s "http://target-cacti/graphimage.php?action=view&localgraphid=1&g...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	2A8C8CE0-592F-	Exploit for Missing Authentication for Critical Function in Splunk_2A8C8CE0-592F-566A-AD1D-9DB21DEE0C60 CVE-2026-20253 - Splunk Enterprise Pre-Auth RCE PoC ⚠️ ADVERTENCIA: Este script es solo para fines educativos y de prueba en entornos autorizados. ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	WIRED:A213F3A81...	The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials_WIRED:A213F3A81A603E96CA725AEEADB603F7 Exposed records from the private group included the personal information of a senior White House intelligence official and an active-duty special o...	N/A	N/A	Jun 26, 2026	WIRED
NONE	SCHNEIER:DF7402...	Meta Is Testing Facial Recognition for Police and Military_SCHNEIER:DF74028FA7E40C4996C0D41330A90633 We know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time. Turns out Meta is prototyping the featu...	N/A	N/A	Jun 26, 2026	SCHNEIER