CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.3	CVE-2026-55957	Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind_CVE-2026-55957 Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-55956	Apache Tomcat: Security constraints for default servlet ignored method_CVE-2026-55956 Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-55955	Apache Tomcat: EncryptInterceptor not protected against replay attacks_CVE-2026-55955 Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This is...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
CRITICAL 9.1	CVE-2026-53434	Apache Tomcat: Invalid CRL configuration doesn’t trigger failure for FFM Connector_CVE-2026-53434 Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apa...	Apache Software Foundation	Apache Tomcat 11.0.0-M1, 10.1.0-M7, 9.0.83	Jun 29, 2026	CVE
HIGH 7.3	CVE-2026-53404	Apache Tomcat: Bad ornext processing in RewriteValve_CVE-2026-53404 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matche...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
MEDIUM 6.1	CVE-2026-50229	Apache Tomcat: XSS in number guess example_CVE-2026-50229 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This is...	Apache Software Foundation	Apache Tomcat 11.0.0-M1	Jun 29, 2026	CVE
LOW 3.7	CVE-2026-13758	CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path_CVE-2026-13758 CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_do...	MIK	CryptX	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-51221	CVE-2026-51221_CVE-2026-51221 A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoS) via ...	n/a	n/a n/a	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-51218	CVE-2026-51218_CVE-2026-51218 A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial o...	n/a	n/a n/a	Jun 29, 2026	CVE
MEDIUM 4.9	CVE-2026-9576	Fluent Booking < 2.1.2 - Calendar Manager+ Sensitive Information Disclosure via Attendee Export_CVE-2026-9576 The Fluent Booking WordPress plugin before 2.1.2 does not verify ownership of the requested group_id before exporting attendee data via the export...	Unknown	Fluent Booking	Jun 30, 2026	CVE