LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2	CVE-2026-0233	Autonomous Digital Experience Manager: Improper validation of ADEM certificate_CVE-2026-0233 A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker wi...	Palo Alto Networks	Autonomous Digital Experience Manager 5.10.0	Apr 13, 2026	CVE
LOW 2.5	CVE-2026-34849	CVE-2026-34849_CVE-2026-34849 UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.	Huawei	HarmonyOS 6.0.0	Apr 13, 2026	CVE
LOW 2.2	CVE-2026-34851	CVE-2026-34851_CVE-2026-34851 Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.	Huawei	HarmonyOS 5.1.0	Apr 13, 2026	CVE
LOW 1.9	CVE-2026-34850	CVE-2026-34850_CVE-2026-34850 Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.	Huawei	HarmonyOS 5.1.0	Apr 13, 2026	CVE
LOW 3.5	E3AC4D1E-6D98-	Exploit for CVE-2020-24586_E3AC4D1E-6D98-5584-88D0-C274C21F6239 Fracture FragAttacks WiFi Penetration Framework CVE-2020-24586 / CVE-2020-24587 / CVE-2020-24588 Fracture automates three novel attack chains via 8...	N/A	N/A	Apr 12, 2026	GITHUBEXPLOIT
LOW 2.3	CVE-2026-32642	Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission_CVE-2026-32642 Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol a...	Apache Software Foundation	Apache Artemis 2.50.0	Mar 24, 2026	CVE
LOW 3.7	CVE-2026-28753	NGINX ngx_mail_proxy_module vulnerability_CVE-2026-28753 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handling of CRLF sequences in DNS resp...	F5	NGINX Open Source 1.29.0	Mar 24, 2026	CVE
LOW 2.1	CVE-2025-11571	Command Execution vulnerability in Simplicity Installer_CVE-2025-11571 Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can...	silabs.com	Simplicity Studio v5	Mar 24, 2026	CVE
LOW 1.3	CVE-2026-33161	Craft CMS: Anonymous “assets/image-editor” calls returns private asset editor metadata to unauthorized users_CVE-2026-33161 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.8 and from version 5.0.0-RC1 to before version 5.9.14...	craftcms	cms >= 4.0.0-RC1, < 4.17.8	Mar 24, 2026	CVE
LOW 2.7	CVE-2026-33160	Craft CMS: Anonymous “generate transform” calls for assets can expose private assets via transform URL_CVE-2026-33160 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.8 and from version 5.0.0-RC1 to before version 5.9.14...	craftcms	cms >= 4.0.0-RC1, < 4.17.8	Mar 24, 2026	CVE