LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.1	CVE-2026-3176	Missing Authorization in GitLab_CVE-2026-3176 GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under ...	GitLab	GitLab 18.6	Jun 25, 2026	CVE
LOW 3.8	CVE-2026-0934	Incorrect Authorization in GitLab_CVE-2026-0934 GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under ...	GitLab	GitLab 17.9	Jun 25, 2026	CVE
LOW 3.3	CVE-2026-8662	Path Traversal in Rapid7 InsightConnect Compression Plugin_CVE-2026-8662 Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to ...	Rapid7	InsightConnect Compression Plugin	Jun 25, 2026	CVE
LOW 2.9	CVE-2026-39894	Cacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formatting_CVE-2026-39894 Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtoo...	Cacti	cacti < 1.2.31	Jun 24, 2026	CVE
LOW 3.5	CVE-2026-52796	Gogs: DoS in rendering issue index pattern_CVE-2026-52796 Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting ...	gogs	gogs < 0.14.3	Jun 24, 2026	CVE
LOW 2.3	CVE-2026-49277	Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation_CVE-2026-49277 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.0	Jun 24, 2026	CVE
LOW 2.3	CVE-2026-45757	Rocket.Chat: users.deactivateIdle` deactivates accounts without revoking existing login tokens_CVE-2026-45757 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.0	Jun 24, 2026	CVE
LOW 1.7	CVE-2026-49246	Jellyfin: Potential MKV attachment filename path traversal to RCE_CVE-2026-49246 Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leve...	jellyfin	jellyfin < 10.11.10	Jun 24, 2026	CVE
LOW 2.1	CVE-2026-54906	concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption_CVE-2026-54906 concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLock#release_write_lock does not verify that the calli...	ruby-concurrency	concurrent-ruby < 1.3.7	Jun 24, 2026	CVE
LOW 2	CVE-2026-54905	concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity_CVE-2026-54905 concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after...	ruby-concurrency	concurrent-ruby < 1.3.7	Jun 24, 2026	CVE