Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.1 CVE-2026-53434

Apache Tomcat: Invalid CRL configuration doesn’t trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apa...

Apache Software Foundation Apache Tomcat 11.0.0-M1, 10.1.0-M7, 9.0.83 CVE
HIGH 7.3 CVE-2026-53404

Apache Tomcat: Bad ornext processing in RewriteValve

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matche...

Apache Software Foundation Apache Tomcat 11.0.0-M1 CVE
MEDIUM 6.1 CVE-2026-50229

Apache Tomcat: XSS in number guess example

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This is...

Apache Software Foundation Apache Tomcat 11.0.0-M1 CVE
LOW 3.7 CVE-2026-13758

CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path

CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_do...

MIK CryptX CVE
HIGH 7.5 CVE-2026-51221

CVE-2026-51221

A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoS) via ...

n/a n/a n/a CVE
MEDIUM 6.5 CVE-2026-51218

CVE-2026-51218

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial o...

n/a n/a n/a CVE
MEDIUM 4.9 CVE-2026-9576

Fluent Booking < 2.1.2 - Calendar Manager+ Sensitive Information Disclosure via Attendee Export

The Fluent Booking WordPress plugin before 2.1.2 does not verify ownership of the requested group_id before exporting attendee data via the export...

Unknown Fluent Booking CVE
HIGH 8.8 CVE-2026-11589

WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated use...

Unknown WP Support Plus Responsive Ticket System CVE
MEDIUM 5.9 CVE-2026-11581

Kali Forms < 2.4.13 - Contributor+ Stored XSS via Form Field Caption

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it ...

Unknown Kali Forms — Contact Form & Drag-and-Drop Builder CVE
HIGH 7.8 CVE-2025-7406

A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privile...

Nokia MantaRay NM <NM 25R1-NM CVE