CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-49049	Joomla Extension – joomshaper.com – Unauthenticated access to Helix3 template ajax handler_CVE-2026-49049 The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON fi...	joomshaper.com	Helix3 extension for Joomla 1.0-3.1.1	Jun 29, 2026	CVE
MEDIUM 6.8	CVE-2026-9105	Authenticated Stack-Based Buffer Overflow in TP-Link TL-WR841N Web Interface_CVE-2026-9105 An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated...	TP-Link Systems Inc.	TL-WR841N v14	Jun 29, 2026	CVE
CRITICAL 9.4	CVE-2026-41052	Rancher Privilege Escalation from Project Owner to Host_CVE-2026-41052 Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 bef...	SUSE	Rancher 2.12.0	Jun 29, 2026	CVE
MEDIUM 5.5	CVE-2026-13750	Snowflake CLI Sensitive Credential Exposure Through Debug Logging_CVE-2026-13750 Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent...	Snowflake	Snowflake CLI 3.0.0	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-13749	Snowflake CLI Arbitrary Code Execution via Snowpark Annotation Processor Template Injection_CVE-2026-13749 Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execu...	Snowflake	Snowflake CLI 2.4.0	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13748	Snowflake CLI Arbitrary Local File Read and Exfiltration Through Improper File Path Restriction_CVE-2026-13748 Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitte...	Snowflake	Snowflake CLI 0.2.2	Jun 29, 2026	CVE
LOW 3.6	CVE-2026-13746	Snowflake CLI SQL Injection Through Improper Neutralization of Local CLI Parameters_CVE-2026-13746 Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this...	Snowflake	Snowflake CLI 2.0.0	Jun 29, 2026	CVE
HIGH 8.3	CVE-2026-13744	Snowflake CLI SQL Injection Through Improper Neutralization of User-Controlled Input_CVE-2026-13744 Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying craft...	Snowflake	Snowflake CLI 1.2.2	Jun 29, 2026	CVE
MEDIUM 5.9	CVE-2026-13742	Lack of signature verification before execution of downloaded content_CVE-2026-13742 Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An atta...	Honeywell Technologies	IQ MultiAccess IQ.v27	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13587	seladb PcapPlusPlus LightPcapNg light_pcapng.c parse_by_block_type heap-based overflow_CVE-2026-13587 A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the ...	seladb	PcapPlusPlus 25.05	Jun 29, 2026	CVE