LOW - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2026-28264	CVE-2026-28264_CVE-2026-28264 Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low...	Dell	PowerProtect Agent	Apr 8, 2026	CVE
LOW 2.3	CVE-2026-34720	Zammad has an origin validation error in SSO mechanism_CVE-2026-34720 Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the SSO mechanism in Zammad was not verifying the hea...	zammad	zammad < 6.5.4	Apr 8, 2026	CVE
LOW 2.1	CVE-2026-34248	Zammad has an information disclosure in ticket detail view of customers in shared organizations_CVE-2026-34248 Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, customers in shared organizations (means they can see each othe...	zammad	zammad >= 7.0.0, < 7.0.1	Apr 8, 2026	CVE
LOW 3.7	CVE-2026-34166	LiquidJS has a Memory Limit Bypass via Quadratic Amplification in `replace` Filter_CVE-2026-34166 LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, the replace filter in LiquidJS incorrectly ac...	harttle	liquidjs < 10.25.3	Apr 8, 2026	CVE
LOW 3.5	CVE-2026-35400	LORIS incorrectly trusts user input in publication module_CVE-2026-35400 LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimagin...	aces	Loris >= 20.0.0, < 27.0.3	Apr 8, 2026	CVE
LOW 2.7	CVE-2026-4916	Missing Authorization in GitLab_CVE-2026-4916 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that co...	GitLab	GitLab 18.2	Apr 8, 2026	CVE
LOW 3.7	CVE-2026-24661	Unbounded Request Body Read in MS Teams Plugin {{/changes}} Webhook Endpoint_CVE-2026-24661 Mattermost Plugins versions	Mattermost	Mattermost	Apr 9, 2026	CVE
LOW 3.7	CVE-2026-21388	Unbounded Request Body Read in MS Teams Plugin {{/lifecycle}} Webhook Endpoint_CVE-2026-21388 Mattermost Plugins versions	Mattermost	Mattermost	Apr 9, 2026	CVE
LOW 2.7	CVE-2025-15480	Senstive information disclosure was affecting ubuntu-desktop-provision_CVE-2025-15480 In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a u...	Canonical	Ubuntu	Apr 9, 2026	CVE
LOW 2.7	CVE-2025-14551	Senstive information disclosure was affecting subiquity_CVE-2025-14551 In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a...	Canonical	Ubuntu	Apr 9, 2026	CVE