HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-55700	pnpm: stage download writes outside destination via manifest version traversal_CVE-2026-55700 pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and versi...	pnpm	pnpm >= 11.3.0, < 11.5.3	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-55698	pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes_CVE-2026-55698 pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can persist package-manager bootstrap metadata in the first YAML document of pnpm-lock...	pnpm	pnpm < 10.34.2	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-55697	pnpm: Repository-controlled configDependencies can select a pacquet native install engine_CVE-2026-55697 pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch...	pnpm	pnpm < 10.34.2	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-55487	pnpm: manifest identity spoof satisfies allowBuilds and runs attacker lifecycle_CVE-2026-55487 pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text from git, URL, tarball,...	pnpm	pnpm < 10.34.2	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-50016	pnpm: Transitive dependency alias path traversal allows project path override via symlink replacement_CVE-2026-50016 pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm allows a transitive dependency alias from registry package metadata to contain path tr...	pnpm	pnpm < 10.33.4	Jun 25, 2026	CVE
HIGH 7.3	CVE-2026-50015	pnpm: Arbitrary File Write/Delete via Malicious Patch File (Path Traversal)_CVE-2026-50015 pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's patch application pipeline (@pnpm/patch-package) performs no path validation on file...	pnpm	pnpm < 10.33.4	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-49839	jq –rawfile invalid-state reuse after String too long causes heap-buffer-overflow_CVE-2026-49839 jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` can turn a handled oversized-string error into invalid-state reuse and a real h...	jqlang	jq < 1.8.2	Jun 25, 2026	CVE
HIGH 8.2	CVE-2026-11999	X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()_CVE-2026-11999 X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only ...	wolfSSL	wolfSSL 5.7.4	Jun 25, 2026	CVE
HIGH 7	CVE-2026-56790	CANBoat – Off-by-One Global Buffer Overflow in searchForPgn()_CVE-2026-56790 CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that ...	canboat	canboat	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56789	RTKLIB 2.4.3 – Heap Buffer Overflow and Stack Read via Oversized RINEX Epoch Satellite Count_CVE-2026-56789 RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memo...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE