Recent Advisories

| Severity | ID | Title | Summary | Vendor | Product | Date | Type |
|---|---|---|---|---|---|---|---|
| HIGH 8.7 | CVE-2026-47216 | Typesense: Unauthenticated Denial of Service in the Typesense /multi_search Endpoint_CVE-2026-47216 | Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is an unauthenticated denial-of-service vulnerability in t... | typesense | typesense < 29.1 | | CVE |
| MEDIUM 5 | CVE-2026-44173 | MariaDB: FILE privilege was not checked for subqueries in the FROM clause_CVE-2026-44173 | MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ... | MariaDB | server >= 10.6.1, < 10.6.26 | | CVE |
| MEDIUM 6.9 | CVE-2026-44172 | MariaDB: mysql_real_escape_string() incorrectly handled big5_CVE-2026-44172 | MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input... | MariaDB | server = 3.3.18 | | CVE |
| MEDIUM 6.3 | CVE-2026-44171 | MariaDB: path traversal in mbstream_CVE-2026-44171 | MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ... | MariaDB | server >= 10.6.1, < 10.6.26 | | CVE |
| MEDIUM 6.3 | CVE-2026-44170 | MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL_CVE-2026-44170 | MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ... | MariaDB | server >= 10.6.1, < 10.6.26 | | CVE |
| MEDIUM 4.3 | CVE-2026-44169 | MariaDB: Authorization bypass in role-based routine-level privilege check exposes stored routine definitions_CVE-2026-44169 | MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user g... | MariaDB | server >= 11.4.1, < 11.4.11 | | CVE |
| HIGH 8 | CVE-2026-44168 | MariaDB: wsrep SST unsafe parameter handling on the donor side_CVE-2026-44168 | MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ... | MariaDB | server >= 10.6.1, < 10.6.26 | | CVE |
| MEDIUM 6.9 | CVE-2026-53726 | Parse Server: Relation `$relatedTo` query bypasses `protectedFields` and owning-object ACL_CVE-2026-53726 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.80 and 9.9.1-alpha.6,... | parse-community | parse-server < 8.6.80 | | CVE |
| MEDIUM 5.9 | CVE-2026-53725 | Parse Server: Endpoints `/login` and `/verifyPassword` disclose MFA secrets and protected fields when `_User` get is denied_CVE-2026-53725 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.8.0 to before version 9.9.1-... | parse-community | parse-server >= 9.8.0, < 9.9.1-alpha.5 | | CVE |
| LOW 2.1 | CVE-2026-53724 | Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist_CVE-2026-53724 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4,... | parse-community | parse-server < 8.6.79 | | CVE |