Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.9 CVE-2026-44059

Non-reentrant privilege toggle

In Netatalk 2.2.5 through 4.4.2, non-reentrant privilege toggle. Fixed in 4.5.0.

Netatalk Netatalk 2.2.5 CVE
LOW 3.3 CVE-2026-47782

CVE-2026-47782

Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmatio...

Siber Systems, Inc. Android App "RoboForm Password Manager" 9.8.6.3 and prior CVE
LOW 2.1 CVE-2026-47099

TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse() function that allows attackers to execute arbitrary ...

storybookjs telejson CVE
LOW 2.7 CVE-2026-8492

Translate Drupal with GTranslate – Less critical – DOM clobbering / link manipulation – SA-CONTRIB-2026-035

Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This iss...

Drupal Translate Drupal with GTranslate 0.0.0 CVE
LOW 3.7 CVE-2026-8491

Node View Permissions – Moderately critical – Access bypass – SA-CONTRIB-2026-034

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects No...

Drupal Node View Permissions 0.0.0 CVE
LOW 2.3 CVE-2026-47068

Cross-session PubSub topic injection via URL parameter in phoenix_storybook

Authorization Bypass Through User-Controlled Key vulnerability in phenixdigital phoenix_storybook allows cross-session PubSub topic injection via a...

phenixdigital phoenix_storybook 0.4.0 CVE
LOW 3.7 CVE-2025-31985

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header

HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This c...

HCL BigFix Service Management (SM) 23 CVE
LOW 2.1 CVE-2026-45232

Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c ...

RsyncProject rsync CVE
LOW 2.1 CVE-2026-34154

Discourse has a subscription access bypass in its discourse-subscriptions plugin

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, a vulnerability in the d...

discourse discourse < 2026.1.4 CVE
LOW 1.8 CVE-2025-14575

Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attack...

The Qt Company Qt 5.0.0 CVE