Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.9 CVE-2025-13326

Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store

Mattermost Desktop App versions

Mattermost Mattermost CVE
LOW 3.3 CVE-2025-13321

Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

Mattermost Desktop App versions

Mattermost Mattermost CVE
LOW 1.7 CVE-2025-66646

RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded ...

RIOT-OS RIOT < 2025.10 CVE
LOW 2.6 CVE-2025-54004

WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce wc-frontend-manager allows Exploiting Incorrectly Configur...

WC Lovers WCFM – Frontend Manager for WooCommerce n/a CVE
LOW 3 CVE-2025-13352

Mattermost GitHub Plugin allows unauthorized GitHub reactions via reaction forwarding hijacking

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 3.1 CVE-2025-62690

Open redirect in error page when link opened in new tab

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
LOW 0.6 CVE-2025-14266

CSRF in Ercom Cryptobox administration console

CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires ...

Ercom Cryptobox 4.0.0 CVE
LOW 2.7 CVE-2025-68142

PyMdown Extensions has ReDOS bug in Figure Capture extension

PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the f...

facelessuser pymdown-extensions < 10.16.1 CVE
LOW 2.7 CVE-2025-49300

WordPress Traveler Option Tree plugin <= 2.8 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in shinetheme Traveler Option Tree custom-option-tree allows Retrieve Embedded Sens...

shinetheme Traveler Option Tree n/a CVE
LOW 2.7 CVE-2025-68164

CVE-2025-68164

In JetBrains TeamCity before 2025.11, port enumeration was possible via the Perforce connection test.

JetBrains TeamCity CVE