Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.7 CVE-2025-31958

HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling_CVE-2025-31958

HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requ...

HCLSoftware BigFix Service Management (SM) 23 CVE
LOW 3.2 CVE-2026-31369

Privilege Bypass in PcManager_CVE-2026-31369

PcManager is affected by a privilege bypass vulnerability. Successful exploitation of this vulnerability may affect service availability.

Honor PcManager 1.0.0.2 CVE
LOW 2 CVE-2026-40264

OpenBao’s Token Store Allows Cross-Namespace Renewal, Revocation_CVE-2026-40264

OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a...

openbao openbao < 2.5.3 CVE
LOW 3.1 CVE-2026-39396

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)_CVE-2026-39396

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin down...

openbao openbao < 2.5.3 CVE
LOW 2 CVE-2026-39388

OpenBao’s Certificate Authentication Allows Token Renewal With Different Certificate_CVE-2026-39388

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a tok...

openbao openbao < 2.5.3 CVE
LOW 2 CVE-2026-41330

OpenClaw < 2026.3.31 - Environment Variable Override via Host Exec Policy_CVE-2026-41330

OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Do...

OpenClaw OpenClaw CVE
LOW 2.3 CVE-2026-22051

CVE-2026-22051_CVE-2026-22051

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to an Information Disclosure vulnerability. Suc...

NETAPP StorageGRID (formerly StorageGRID Webscale) CVE
LOW 2.3 CVE-2026-0930

Potential wolfSSHd Buffer out-of-bounds Read on Windows Handling Terminal Resize_CVE-2026-0930

Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of...

wolfSSL wolfSSH 1.4.15 CVE
LOW 3.7 CVE-2026-32690

Apache Airflow: 3.x – Nested Variable Secret Values Bypass Redaction via max_depth=1_CVE-2026-32690

Secrets in Variables saved as JSON dictionaries were not properly redacted - in case the variables were retrieved by the user the secrets stored a...

Apache Software Foundation Apache Airflow 3.0.0 CVE
LOW 2.1 CVE-2026-5958

Race Condition in GNU Sed_CVE-2026-5958

When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem ...

GNU Sed 4.1e CVE