metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	MSF:EXPLOIT-LINUX-	xfrm-ESP Page-Cache Write via CVE-2026-43284_MSF:EXPLOIT-LINUX-LOCAL-CVE_2026_43284_DIRTY_FRAG- CVE-2026-43284 is a Linux kernel page-cache write vulnerability in the IPsec/xfrm subsystem affecting ESP Encapsulating Security Payload fragmentat...	N/A	N/A	May 21, 2026	METASPLOIT
CRITICAL 9.8	MSF:AUXILIARY-SCANNER-	Citrix ADC (NetScaler) CVE-2026-3055 Scanner_MSF:AUXILIARY-SCANNER-HTTP-CITRIX_NETSCALER_CVE_2026_3055- This module scans for a vulnerability that allows a remote, unauthenticated attacker to leak memory from a target Citrix ADC server configured as a...	N/A	N/A	May 20, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	cPanel/WHM CRLF Injection Authentication Bypass RCE_MSF:EXPLOIT-MULTI-HTTP-CPANEL_WHM_AUTH_BYPASS_RCE- Exploits CVE-2026-41940, a CRLF injection in cPanel/WHM's cpsrvd daemon that allows unauthenticated remote code execution as root. The Basic-auth h...	N/A	N/A	May 18, 2026	METASPLOIT
NONE	MSF:POST-LINUX-	Tenable Security Center_MSF:POST-LINUX-GATHER-TENABLE_SECURITY_CENTER- This module collects credentials and setup information from Tenable Security Center. root or TNS user permissions are required. We don't utilize SC...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	HUSTOJ Admin users can zip-slip problem_import_qduoj.php, planting PHP files in webroot for RCE_MSF:EXPLOIT-LINUX-HTTP-HUSTOJ_PROBLEM_IMPORT_RCE- A user with administrative privileges can abuse the problemimportqduoj.php CGI script using a crafted zip file zip-slip to traverse backwards throu...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-ADMIN-	Cisco Catalyst SD-WAN Controller vHub Authentication Bypass_MSF:AUXILIARY-ADMIN-NETWORKING-CISCO_SDWAN_VHUB_AUTH_BYPASS- This module exploits an authentication bypass vulnerability CVE-2026-20182 in the Cisco Catalyst SD-WAN Controller. The vdaemon DTLS control-plane ...	N/A	N/A	May 15, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	GestioIP 3.5.7 Remote Command Execution_MSF:EXPLOIT-MULTI-HTTP-GESTIOIP_RCE- This module exploits a command execution via file upload. If GestioIP is configured to use no authentication for admin account, no password is requ...	N/A	N/A	May 14, 2026	METASPLOIT
HIGH 8.8	MSF:EXPLOIT-UNIX-	Dolibarr ERP/CRM Authenticated Code Injection_MSF:EXPLOIT-UNIX-HTTP-DOLIBARR_CMS_RCE_CVE_2023_30253- Dolibarr ERP/CRM before 17.0.1 allows remote code execution by an authenticated user who has access to the Website module. The application filters ...	N/A	N/A	May 14, 2026	METASPLOIT
CRITICAL 9.4	MSF:AUXILIARY-GATHER-	Marvell QConvergeConsole Path Traversal (CVE-2025-6793)_MSF:AUXILIARY-GATHER-QCONVERGECONSOLE_TRAVERSAL- This module exploits a path traversal vulnerability CVE-2025-6793 in Marvell QConvergeConsole use auxiliary/gather/qconvergeconsoletraversal msf au...	N/A	N/A	May 11, 2026	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	VIM Plugin Persistence_MSF:EXPLOIT-LINUX-PERSISTENCE-VIM_PLUGIN- This module creates a VIM Plugin which executes a payload on VIM startup. Module Options msf use exploit/linux/persistence/vimplugin msf exploitvim...	N/A	N/A	May 8, 2026	METASPLOIT