Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 1.6 CVE-2026-7860

Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build_CVE-2026-7860

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment...

vaadin flow 23.0.0 CVE
LOW 3.3 CVE-2026-33565

kernel_linux_common_modules has a Race Condition vulnerability_CVE-2026-33565

in OpenHarmony v6.0 and prior versions allows a local attacker to cause a DoS.

OpenHarmony OpenHarmony v5.0.3 CVE
LOW 3.3 CVE-2026-28751

filemanagement_storage_service has an improper input validation vulnerability_CVE-2026-28751

in OpenHarmony v6.0 and prior versions allows a local attacker to cause a DoS.

OpenHarmony OpenHarmony v5.0.3 CVE
LOW 3.3 CVE-2026-27781

kernel_liteos_a has an integer overflow vulnerability_CVE-2026-27781

in OpenHarmony v6.0 and prior versions allows a local attacker to cause a DoS.

OpenHarmony OpenHarmony v5.0.3 CVE
LOW 3.3 CVE-2026-25110

Sensors_medical_sensor has a NULL pointer dereference vulnerability_CVE-2026-25110

in OpenHarmony v6.0 and prior versions allows a local attacker to cause a DoS.

OpenHarmony OpenHarmony v5.0.3 CVE
LOW 3.5 8CE4761E-40E3-

Exploit for CVE-2025-11203_8CE4761E-40E3-5285-948E-9190434686A1

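CVE-2025-11203 — LiteLLM Health Endpoint APIKEY Information Disclosure LiteLLM versions do not properly filter sensitive information, allowing authenticated users to obtain what is stored in other model configurations...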

N/A N/A GITHUBEXPLOIT
LOW 3.9 CVE-2026-27964

FacturaScripts: Reflected Cross-Site Scripting (XSS) via Cookie Manipulation_CVE-2026-27964

FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting (XSS) vulner...

NeoRazorX facturascripts < 2025.8 CVE
LOW 2.1 CVE-2026-45244

Summarize < 0.15.1 Unapproved Browser Automation Execution_CVE-2026-45244

Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-ca...

steipete summarize CVE
LOW 2.4 CVE-2026-47090

Claude HUD 0.0.12 Terminal Injection via OSC 8 Hyperlinks_CVE-2026-47090

Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values witho...

jarrodwatts claude-hud CVE
LOW 3.5 CVE-2026-6333

SSRF via Host Header Spoofing in Custom Slash Commands_CVE-2026-6333

Mattermost versions 11.5.x

Mattermost Mattermost 11.5.0 CVE