news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	IMPERVABLOG:BA4...	Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS_IMPERVABLOG:BA4CDD5D2C165420AABD5BACC5E62A48 TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service (DoS) vulnerability affecting default HTTP/2 configurat...	N/A	N/A	Jun 4, 2026	IMPERVABLOG
NONE	THN:0B3DB635D0B...	Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories_THN:0B3DB635D0BFA927F086D636FB7A16B9 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiaBF9jAklPh1ncr_eVPGnV229BSTNgAjkScVm-yTXAn4IcBjjZoLIglasRdu1XEPafCxJhqVZrC3zkNWily...	N/A	N/A	Jun 4, 2026	THN
NONE	BEBC5B58-92D4-	ExploitDarlenePRO_BEBC5B58-92D4-5D59-8986-FDFA6328C82A No description provided...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
CRITICAL 9.8	PACKETSTORM:222633	📄 WordPress ARMember Premium 7.3.1 Insecure Password Reset_PACKETSTORM:222633 WordPress ARMember Premium plugin versions 7.3.1 and below suffer from an insecure password reset mechanism that allows for administrative account ...	N/A	N/A	Jun 4, 2026	PACKETSTORM
NONE	FD0437D8-4085-	SmartMES-Range_FD0437D8-4085-5CC5-9315-B3111BE75BED SmartMES Attack-Defense Drill Site The Smart Manufacturing Enterprise Execution System MES attack-defense drill site is designed for red-blue confr...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
CRITICAL 9.8	0741E52B-D558-	Exploit for Deserialization of Untrusted Data in Presstigers Simple_Job_Board_0741E52B-D558-58DC-BF9C-0A4B84B06668 CVE-2024-1813 - Simple Job Board ≤ 2.11.0 WordPress - Unauthenticated PHP Object Injection 🎥 Proof-of-Concept demo End-to-end: a guest stores a se...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
CRITICAL 9.8	608C7C1A-97A1-	Exploit for Stack-based Buffer Overflow in Microsoft_608C7C1A-97A1-5E81-B84A-32A69CDBDD74 CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗ ██████╗ ██████╗ ██╔════╝██║ ██║██╔════╝ ██║ ██║███║██╔═████╗██╔═████╗ ██║ ██║ ██║█████╗ ███████║╚...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
NONE	004C6603-8A1D-	SentinelWeb_004C6603-8A1D-5EEB-8B48-EF013A0079A5 SentinelWeb — Automated Web Security Audits...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
MEDIUM 5.9	B0271EB5-03B9-	Exploit for Path Traversal in Casbin Casdoor_B0271EB5-03B9-53A1-B97B-087C3883C5F6 CVE-2026-6815: Casdoor 3.54.1 Path Traversal & Arbitrary File Write Authenticated This repository contains a Proof of Concept PoC exploit for CVE-2...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
MEDIUM 5.9	CVE-2026-48682	CVE-2026-48682_CVE-2026-48682 FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after vali...	n/a	n/a n/a	Jun 2, 2026	CVE