category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-45257	Arbitrary file overwrite via the KTLS receive path_CVE-2026-45257 The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assump...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 26, 2026	CVE
MEDIUM 5.5	CVE-2026-45256	Missing permission check in thr_kill2(2)_CVE-2026-45256 When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not ...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 26, 2026	CVE
LOW 3.5	CVE-2026-3472	Markdown image rendering bypass in AI bot tool result posts in Mattermost_CVE-2026-3472 Mattermost versions 10.11.x	Mattermost	Mattermost 10.11.0	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-30041	CVE-2026-30041_CVE-2026-30041 An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Servi...	n/a	n/a n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-30040	CVE-2026-30040_CVE-2026-30040 A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the...	n/a	n/a n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-24547	WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability_CVE-2026-24547 Unauthenticated Broken Access Control in SiteGround Email Marketing	SiteGround	SiteGround Email Marketing n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2025-68075	WordPress BNE Testimonials plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability_CVE-2025-68075 Contributor Cross Site Scripting (XSS) in BNE Testimonials	Kerry	BNE Testimonials n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2025-68074	WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability_CVE-2025-68074 Contributor Cross Site Scripting (XSS) in Image Carousel	GhozyLab	Image Carousel n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2025-68064	WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability_CVE-2025-68064 Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.	Everthemess	Goya Core n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2025-68063	WordPress Splash – Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability_CVE-2025-68063 Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey	StylemixThemes	Splash - Sport Club WordPress Theme for Basketball, Football, Hockey n/a	Jun 26, 2026	CVE