category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-11211	CVE-2026-11211_CVE-2026-11211 Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted H...	Google	Chrome 149.0.7827.53	Jun 4, 2026	CVE
HIGH 8.3	CVE-2026-10971	CVE-2026-10971_CVE-2026-10971 Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had comprom...	Google	Chrome 149.0.7827.53	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-11412	Jinher OA GetFormSn.aspx sql injection_CVE-2026-11412 A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. ...	Jinher	OA C6	Jun 6, 2026	CVE
MEDIUM 4.8	CVE-2026-11411	iAI Lab PDF AI App chatpdf.pro getExternalCacheDir path traversal_CVE-2026-11411 A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf....	iAI Lab	PDF AI App 4.21.0	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-11406	GL.iNet MT3000 OpenVPN Client Import Workflow ovpnclient.sh command injection_CVE-2026-11406 A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component Op...	GL.iNet	MT3000 4.4.0	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-11408	vertex-app vertex Log Viewer Endpoint LogMod.js os command injection_CVE-2026-11408 A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file app/model/LogMod.js of...	vertex-app	vertex 2026.02.0	Jun 6, 2026	CVE
HIGH 7.2	CVE-2026-9851	Booking Package <= 1.7.16 - Authenticated (Editor+) Privilege Escalation via Account Takeover to updateUser AJAX Action_CVE-2026-9851 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and including, 1.7.16. This ...	masaakitanaka	Booking Package	Jun 6, 2026	CVE
MEDIUM 6.5	CVE-2026-9829	Photo Gallery by 10Web <= 1.8.41 - Authenticated (Contributor+) SQL Injection via 'compact_album_order_by' Shortcode Parameter_CVE-2026-9829 The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based SQL Injection via 'compact_album_order_...	10web	Photo Gallery by 10Web – Mobile-Friendly Image Gallery	Jun 6, 2026	CVE
MEDIUM 4.4	CVE-2026-9594	WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter_CVE-2026-9594 The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Sc...	flippercode	WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-9016	Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action_CVE-2026-9016 The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for Logs in al...	qriouslad	Debug Log Manager – Conveniently Monitor and Inspect Errors	Jun 6, 2026	CVE