MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	MS:CVE-2026-13022	Chromium: CVE-2026-13022 Inappropriate implementation in Autofill_MS:CVE-2026-13022 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
MEDIUM 4.3	MS:CVE-2026-13021	Chromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials_MS:CVE-2026-13021 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
MEDIUM 5.3	MS:CVE-2026-13023	Chromium: CVE-2026-13023 Uninitialized Use in GPU_MS:CVE-2026-13023 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
MEDIUM 4.2	MS:CVE-2026-13024	Chromium: CVE-2026-13024 Insufficient validation of untrusted input in Navigation_MS:CVE-2026-13024 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
MEDIUM 4.7	MS:CVE-2026-13034	Chromium: CVE-2026-13034 Inappropriate implementation in Passwords_MS:CVE-2026-13034 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
MEDIUM 6.3	CVE-2026-55448	mise: Local credential_command executes untrusted config_CVE-2026-55448 mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credential_command from local proj...	jdx	mise < 2026.6.4	Jun 26, 2026	CVE
MEDIUM 5.5	CVE-2026-54557	mise HTTP backend uses raw version path for install symlink destination_CVE-2026-54557 mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination fro...	jdx	mise < 2026.6.1	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-48706	Envoy Heap Buffer Overflow in TcpStatsdSink_CVE-2026-48706 Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vul...	envoyproxy	envoy >= 1.38.0, < 1.38.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-48497	Envoy: Abnormal process termination in DNS UDP filter_CVE-2026-48497 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where...	envoyproxy	envoy >= 1.38.0, < 1.38.1	Jun 26, 2026	CVE
MEDIUM 4.4	CVE-2026-47778	Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)_CVE-2026-47778 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural f...	envoyproxy	envoy >= 1.38.0, < 1.38.1	Jun 26, 2026	CVE