HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	CVE-2026-56790	CANBoat – Off-by-One Global Buffer Overflow in searchForPgn()_CVE-2026-56790 CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that ...	canboat	canboat	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56789	RTKLIB 2.4.3 – Heap Buffer Overflow and Stack Read via Oversized RINEX Epoch Satellite Count_CVE-2026-56789 RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memo...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-56770	libais 0.15 – Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID_CVE-2026-56770 libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range ...	schwehr	libais	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-56768	Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method_CVE-2026-56768 Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass au...	haiwen	seahub	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-56767	Maxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API Handlers_CVE-2026-56767 Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenti...	getmaxun	maxun 0.0.42	Jun 25, 2026	CVE
HIGH 8.6	CVE-2026-56766	Hydra – Stack Buffer Overflow in NTLM Authentication Handler_CVE-2026-56766 Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy...	vanhauser-thc	thc-hydra	Jun 25, 2026	CVE
HIGH 8.2	CVE-2026-55667	File Browser: Out-of-scope file deletion by a Create-only scoped user via symlink-following RemoveAll in upload failure-cleanup_CVE-2026-55667 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.16	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-54097	File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix_CVE-2026-54097 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.6	Jun 25, 2026	CVE
HIGH 8.4	CVE-2026-54096	File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path_CVE-2026-54096 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.7	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-54094	File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope_CVE-2026-54094 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.14	Jun 25, 2026	CVE