LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.7	CVE-2026-34203	Nautobot: Management of users via REST API does not apply configured password validators_CVE-2026-34203 Nautobot is a Network Source of Truth and Network Automation Platform. Prior to versions 2.4.30 and 3.0.10, user creation and editing via the REST ...	nautobot	nautobot < 2.4.30	Mar 31, 2026	CVE
LOW 3.8	CVE-2026-3470	CVE-2026-3470_CVE-2026-3470 A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a re...	SonicWall	Email Security 10.0.34.8215 and earlier versions	Mar 31, 2026	CVE
LOW 2.7	CVE-2026-3469	CVE-2026-3469_CVE-2026-3469 A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, allowing a remote authen...	SonicWall	Email Security 10.0.34.8215 and earlier versions	Mar 31, 2026	CVE
LOW 3.3	CVE-2026-35094	Libinput: libinput: information disclosure via dangling pointer in lua plugin handling_CVE-2026-35094 A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vuln...	Red Hat	Red Hat Enterprise Linux 10	Apr 1, 2026	CVE
LOW 3.7	CVE-2025-67806	CVE-2025-67806_CVE-2025-67806 The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts ...	n/a	n/a n/a	Apr 1, 2026	CVE
LOW 2	CVE-2026-5310	Enter Software Iperius Backup IperiusAccounts.ini hard-coded key_CVE-2026-5310 A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such...	Enter Software	Iperius Backup 8.7.0	Apr 1, 2026	CVE
LOW 2.3	CVE-2026-5199	Cross Namespace Access via Batch Operation_CVE-2026-5199 A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cl...	Temporal Technologies, Inc.	temporal 1.29.0	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34518	AIOHTTP: Cookie and Proxy-Authorization headers leaked on cross-origin redirect_CVE-2026-34518 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different or...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34517	AIOHTTP: Late size enforcement for non-file multipart fields causes memory DoS_CVE-2026-34517 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp re...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE
LOW 2.7	CVE-2026-34514	AIOHTTP: CRLF injection in multipart part content type header construction_CVE-2026-34514 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type ...	aio-libs	aiohttp < 3.13.4	Apr 1, 2026	CVE