MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.8	CVE-2026-10722	cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow_CVE-2026-10722 A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadColle...	cilium	ebpf 0.1	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-5078	morgan vulnerable to Log Forging via unneutralized control characters in :remote-user_CVE-2026-5078 Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to ...	morgan	morgan 1.2.0	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-10694	SourceCodester Online Food Ordering System index.php include file inclusion_CVE-2026-10694 A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.p...	SourceCodester	Online Food Ordering System 2.0	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-10693	SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization_CVE-2026-10693 A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown funct...	SourceCodester	Online Boat Reservation System 1.0	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-10704	SourceCodester Pizzafy E-Commerce System Administrative Control Panel admin_class_novo.php login sql injection_CVE-2026-10704 A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /adm...	SourceCodester	Pizzafy E-Commerce System 1.0	Jun 3, 2026	CVE
MEDIUM 5.3	CVE-2026-10703	EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free_CVE-2026-10703 A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the...	EIPStackGroup	OpENer 2.0	Jun 3, 2026	CVE
MEDIUM 4.6	CVE-2026-10718	Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability_CVE-2026-10718 Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra m...	N/A	N/A	Jun 2, 2026	CVE
MEDIUM 5.3	CVE-2026-10662	ahujasid blender-mcp ZIP File server.py requests.get server-side request forgery_CVE-2026-10662 A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get...	ahujasid	blender-mcp 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b	Jun 2, 2026	CVE
MEDIUM 5.7	CVE-2026-44654	LibreChat: Shared-agent editor can globally delete owner’s file records — breaks owner’s other private agents_CVE-2026-44654 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete...	danny-avila	LibreChat < 0.8.5	Jun 2, 2026	CVE
MEDIUM 6.5	CVE-2026-44653	LibreChat Shared MCP Server View Leaks Decrypted Admin Secrets_CVE-2026-44653 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only `VIEW` access to...	danny-avila	LibreChat < 0.8.4	Jun 2, 2026	CVE