Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.5	CVE-2026-40722	WordPress Yoast SEO Premium plugin <= 26.6 - Broken Access Control vulnerability_CVE-2026-40722 Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels. This is...	Yoast BV	Yoast SEO Premium n/a	Jun 17, 2026	CVE
MEDIUM 4.8	CVE-2026-27870	CROSS-SITE SCRIPTING (XSS) VIA MALICIOUS FILE UPLOAD ON REGESTA SMART HD-PLC OF TELDAT_CVE-2026-27870 An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, registration action IS required) who has the ...	Teldat	Regesta Smart HD-PLC - TLDPH16D2 11.02.05.10.02	Jun 17, 2026	CVE
MEDIUM 6.9	CVE-2026-27869	WEB SERVICE (HTTP) DENIAL OF SERVICE VIA SLOW HEADERS ON REGESTA SMART HD-PLC OF TELDAT_CVE-2026-27869 An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has t...	Teldat	Regesta Smart HD-PLC - TLDPH16D2 11.02.05.10.02	Jun 17, 2026	CVE
MEDIUM 6.9	CVE-2026-27868	PUBLICATION OF SENSITIVE INFORMATION ON REGESTA SMART HD-PLC OF TELDAT_CVE-2026-27868 An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat (in this case, NO registration action is required) who has t...	Teldat	Regesta Smart HD-PLC - TLDPH16D2 11.02.05.10.02	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-12165	Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter_CVE-2026-12165 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all vers...	contest-gallery	Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe	Jun 17, 2026	CVE
MEDIUM 6.6	CVE-2026-12115	Counter Box <= 2.0.13 - Authenticated (Administrator+) PHP Object Injection via Import_CVE-2026-12115 The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions...	wpcalc	Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress	Jun 17, 2026	CVE
CRITICAL 10	06D35475-E02D-	Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware_06D35475-E02D-543B-8D0C-C2472D8AE7A8 No description provided...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.3	C05A4F3C-033F-	Exploit for CVE-2026-49952_C05A4F3C-033F-5533-8A5C-19976624584B setup pip3 install Pillow torch torchvision run $ python3 exploit.py http://localhost/discuz5/ +---------------------------------------------------...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
NONE	187ED3AF-60BD-	CVE_187ED3AF-60BD-53B1-B54D-B5110190CA98 CVE Request Disclosure Document Executive Summary A Prototype Pollution → Stored DOM-based Cross-Site Scripting XSS vulnerability exists in the Has...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
NONE	1EF2C6EE-A7AF-	kage_1EF2C6EE-A7AF-573F-A48E-4C1275F9AD4F kage The preview above is a clip. Click it for the full video. A Claude Code plugin that runs a full pentest engagement from inside your coding age...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT