LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.4	CVE-2026-44658	Zen Browser: RSS Live-Folder Item URLs Are Not Scheme-Restricted Before Trusted Tab Creation_CVE-2026-44658 Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item...	zen-browser	desktop < 1.19.12b	May 11, 2026	CVE
LOW 2	CVE-2026-34094	Customized help link for page protection indicator is relative to subpage name, because the link target is missing the “/wiki/” prefix_CVE-2026-34094 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue aff...	Wikimedia Foundation	MediaWiki *	May 11, 2026	CVE
LOW 1.1	CVE-2026-34093	Special:UserRights allows viewing user rights from private wiki_CVE-2026-34093 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with...	Wikimedia Foundation	MediaWiki *	May 11, 2026	CVE
LOW 2.1	CVE-2026-34092	Block UI elements in ‘tools’-sidebar shows presence of an autoblocked IP_CVE-2026-34092 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with...	Wikimedia Foundation	MediaWiki *	May 11, 2026	CVE
LOW 2.3	CVE-2026-34089	Memory leak in Scribunto causes runJobs.php to run out of memory_CVE-2026-34089 Vulnerability in Wikimedia Foundation Scribunto. This issue affects Scribunto: from 1.45.0 before 1.45.2.	Wikimedia Foundation	Scribunto 1.45.0	May 11, 2026	CVE
LOW 1.3	CVE-2026-34088	RecentChanges entries expose suppressed content via generated log page html_CVE-2026-34088 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * b...	Wikimedia Foundation	MediaWiki *	May 11, 2026	CVE
LOW 2.1	CVE-2026-34086	AbuseFilter misuses ::userCanBitfield, exposing access-controlled information_CVE-2026-34086 Vulnerability in Wikimedia Foundation AbuseFilter. This issue affects AbuseFilter: from * before 1.43.7, 1.44.4, 1.45.2.	Wikimedia Foundation	AbuseFilter *	May 11, 2026	CVE
LOW 2.1	CVE-2026-8233	Dotouch XproUPF access control_CVE-2026-8233 A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation c...	Dotouch	XproUPF 2.0.0-release-088aa7c4	May 10, 2026	CVE
LOW 2.9	CVE-2026-45186	CVE-2026-45186_CVE-2026-45186 In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted X...	libexpat project	libexpat	May 10, 2026	CVE
LOW 2.9	CVE-2026-7262	NULL pointer dereference in SOAP apache:Map decoder with missing _CVE-2026-7262 In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured,...	PHP Group	PHP 8.2.*	May 10, 2026	CVE