CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2026-57082	Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG_CVE-2026-57082 Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE (Message Stream...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-57081	Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input_CVE-2026-57081 Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested ...	SANKO	Net::BitTorrent	Jun 30, 2026	CVE
CRITICAL 9.8	CVE-2026-13766	DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers_CVE-2026-13766 DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subcla...	EXODIST	DBIx::QuickORM	Jun 30, 2026	CVE
MEDIUM 5.4	CVE-2025-53648	Apache Gravitino: SQL misconfiguration can access or truncate files_CVE-2025-53648 SQL misconfiguration in the Gravitino UI, in versions 1.0.0 and below, can allow a malicious user to read or truncate files. Users are recommended ...	Apache Software Foundation	Apache Gravitino 0.5.0	Jun 30, 2026	CVE
LOW 2	CVE-2026-4360	Tarfile.extract() doesn’t fully respect filter parameter_CVE-2026-4360 In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content ...	Python Software Foundation	CPython	Jun 30, 2026	CVE
MEDIUM 5.4	CVE-2026-48192	CVE-2026-48192_CVE-2026-48192 A vulnerability has been identified in Mendix Studio Pro 10.11 (All versions), Mendix Studio Pro 10.12 (All versions), Mendix Studio Pro 10.13 (All...	Siemens	Mendix Studio Pro 10.11	Jun 30, 2026	CVE
HIGH 7	CVE-2026-44949	Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook_CVE-2026-44949 A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to ...	SUSE	Rancher 0.7.0	Jun 30, 2026	CVE
MEDIUM 6.9	CVE-2026-44947	Stale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher_CVE-2026-44947 A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 a...	SUSE	Rancher 2.13.0	Jun 30, 2026	CVE
HIGH 8.8	CVE-2026-27957	Coolify: Authenticated RCE via command injection in CA certificate management feature_CVE-2026-27957 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, an authenticated comma...	coollabsio	coolify < 4.0.0-beta.464	Jun 30, 2026	CVE
MEDIUM 4.3	CVE-2026-27956	Coolify: Cross-team application domain enumeration via domains_by_server endpoint_CVE-2026-27956 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, `GET /api/v1/servers/{...	coollabsio	coolify < 4.0.0-beta.464	Jun 30, 2026	CVE