CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	A471D383-7A66-	Exploit for Improper Input Validation in Drupal_A471D383-7A66-5507-AD3C-3606DC272DB9 drupalgeddon2-cli A command-line rewrite of the Drupalgeddon2 CVE-2018-7600 proof-of-concept, built as a study exercise while working through the H...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 10	7D18273C-34E3-	Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat_7D18273C-34E3-5A00-B425-67EF1C53E606 CVE-2025-24813 - Apache Tomcat Partial PUT + Deserialization RCE 📋 Overview CVE-2025-24813 is a high‑severity vulnerability in Apache Tomcat that ...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-9067	Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload_CVE-2026-9067 The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers a...	Unknown	Schema & Structured Data for WP & AMP	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2025-6254	Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation_CVE-2025-6254 The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctre...	AmentoTech	Doctreat Core	Jun 10, 2026	CVE
CRITICAL 9.8	THN:DBB7D43EBD3...	Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs_THN:DBB7D43EBD32D9B6D51C0558B77E438D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDOIX9PorKjXDciuKmL8xLL9vrOVtBou5tBhn4T-u7cgllDKei3HRDr8vsXGM-MllL1eb6E_pdEID5s_sRUx...	N/A	N/A	Jun 10, 2026	THN
CRITICAL 10	D08D4EF5-0307-	Exploit for CVE-2026-10520_D08D4EF5-0307-5336-8253-F56FE19CCC6B CVE-2026-10520 — Ivanti Sentry Mass Scanner Detection scanner for CVE-2026-10520, an OS command injection vulnerability in Ivanti Sentry. Vulnerabi...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	2C789584-82FD-	Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os_2C789584-82FD-5503-B3B1-B5B9573BD5DA 🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass Security research, technical analysis, detection guidance, IOC collection, and defens...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	C1CCFFF3-2CB0-	Exploit for Incorrect Authorization in Vercel Next.Js_C1CCFFF3-2CB0-5007-ACAB-0173D4F36B96 CVE-2025-29927 Lab Minimal reproduction lab for CVE-2025-29927 — Next.js middleware authorization bypass CVSS 9.1. Companion to: N-Day Analysis wri...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.3	CVE-2026-45328	ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers_CVE-2026-45328 ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wr...	espressif	esp-idf = 5.5.4	Jun 10, 2026	CVE
CRITICAL 9.2	CVE-2025-66276	QTS_CVE-2025-66276 QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later	QNAP Systems Inc.	QTS 5.2.0	Jun 10, 2026	CVE