metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MSF:EXPLOIT-WINDOWS-	Windows Registry Persistence via Userinit_MSF:EXPLOIT-WINDOWS-PERSISTENCE-REGISTRY_USERINIT- This module will install a payload that is executed during user logon. It writes a payload executable to disk and modifies the Userinit registry va...	N/A	N/A	Feb 18, 2026	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-GATHER-	n8n arbitrary file read_MSF:AUXILIARY-GATHER-NI8MARE_CVE_2026_21858- This module exploits CVE-2026-21858, a critical unauthenticated remote code execution vulnerability in n8n workflow automation platform versions 1....	N/A	N/A	Feb 16, 2026	METASPLOIT
CRITICAL 10	MSF:EXPLOIT-MULTI-	ChurchCRM Unauthenticated RCE 6.8.0_MSF:EXPLOIT-MULTI-HTTP-CHURCHCRM_INSTALL_UNAUTH_RCE- This module exploits an unauthenticated remote code execution vulnerability in the installation process of ChurchCRM versions 6.8.0 and earlier. By...	N/A	N/A	Feb 16, 2026	METASPLOIT
NONE	MSF:EXPLOIT-FREEBSD-	FreeBSD rtsold/rtsol DNSSL Command Injection_MSF:EXPLOIT-FREEBSD-MISC-RTSOLD_DNSSL_CMDINJECT- This module exploits a command injection vulnerability CVE-2025-14558 in FreeBSD's rtsol8 and rtsold8 programs. These programs do not validate the ...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Unauthenticated Template Import_MSF:EXPLOIT-MULTI-HTTP-XERTE_UNAUTHENTICATED_TEMPLATE_IMPORT_RCE- This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Specifical...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Upload Image_MSF:EXPLOIT-MULTI-HTTP-XERTE_AUTHENTICATED_RCE_UPLOADIMAGE- This module exploits the user template file import function's unrestricted file upload in versions 3.14 and earlier to upload and execute a shell. ...	N/A	N/A	Feb 13, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	SolarWinds Web Help Desk unauthenticated RCE_MSF:EXPLOIT-MULTI-HTTP-SOLARWINDS_WEBHELPDESK_RCE- This module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve un...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Import Language_MSF:EXPLOIT-MULTI-HTTP-XERTE_UNAUTHENTICATED_IMPORTLANGUAGE- This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Module Opt...	N/A	N/A	Feb 13, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061_MSF:EXPLOIT-LINUX-TELNET-GNU_INETUTILS_AUTH_BYPASS- The telnetd service from GNU InetUtils is vulnerable to authentication-bypass, tracked as CVE-2026-24061, in versions up to version 2.7. During Tel...	N/A	N/A	Feb 12, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE_MSF:EXPLOIT-LINUX-HTTP-IVANTI_EPMM_RCE- This module exploits a OS command injection issue in Ivanti Endpoint Manager Mobile EPMM, formerly known as MobileIron. A remote attacker can achie...	N/A	N/A	Feb 10, 2026	METASPLOIT