HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-7250	Allocation of Resources Without Limits or Throttling in GitLab_CVE-2026-7250 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that ...	GitLab	GitLab 12.10	Jun 11, 2026	CVE
HIGH 8.7	CVE-2026-6552	Authorization Bypass Through User-Controlled Key in GitLab_CVE-2026-6552 GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that unde...	GitLab	GitLab 15.5	Jun 11, 2026	CVE
HIGH 8.7	CVE-2026-10087	Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in GitLab_CVE-2026-10087 GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that unde...	GitLab	GitLab 17.1, 18.11, 19.0	Jun 11, 2026	CVE
HIGH 7.8	429B6A1D-3268-	Exploit for Untrusted Pointer Dereference in Microsoft_429B6A1D-3268-5649-8F85-06742FFE6649 CVE-2023-21768 PoC...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 8.1	F17976B9-4448-	Exploit for CVE-2026-10795_F17976B9-4448-5BEE-AEAE-209CDB4A1A3C CVE-2026-10795 CVE-2026-10795 – UpdraftPlus Authentication Bypass CVE-2026-10795 – UpdraftPlus Authentication Bypass PoC ⚠️ Disclaimer: This reposi...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 8.7	CVE-2026-53901	Cerebrate before v1.37 allows mass assignment of record identifiers during object creation_CVE-2026-53901 Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add() handler attempted to remove an attac...	cerebrate	cerebrate	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-5497	Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm_CVE-2026-5497 vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in th...	vllm-project	vllm-project/vllm unspecified	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-41856	Spring GraphQL Annotation Detection Vulnerability_CVE-2026-41856 The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierar...	Spring	Spring for GraphQL 2.0.0	Jun 11, 2026	CVE
HIGH 8.1	CVE-2026-41700	Cross-Site WebSocket Hijacking in Spring for GraphQL_CVE-2026-41700 Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick a...	Spring	Spring for GraphQL 2.0.0	Jun 11, 2026	CVE
HIGH 8.1	CVE-2026-41699	Unsafe Deserialization in Spring GraphQL_CVE-2026-41699 Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicio...	Spring	Spring for GraphQL 2.0.0	Jun 11, 2026	CVE