NONE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	B6BD58A6-3493-	Exploit for CVE-2026-45250_B6BD58A6-3493-54B7-8101-F6C8B63659B0 FreeBSD setcred2 — research artifacts This subdirectory collects the write-up and working exploits for the setcred2 stack buffer overflow in FreeBS...	N/A	N/A	May 21, 2026	GITHUBEXPLOIT
NONE	F075ADB1-EBF8-	CyberSpark-CTF_F075ADB1-EBF8-5C5D-B1DD-D69300CFDDFC No description provided...	N/A	N/A	May 21, 2026	GITHUBEXPLOIT
NONE	THN:387FFDF5ED2...	GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension_THN:387FFDF5ED283C36D4B532508CEED359 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ64wgVqZTQx208NgY0sBvUUQcR5mb-G4ENkfw4PEX9KlJJxEI_uUKQvPG0rReXB4chZ3wXrvNSR1QsrK525...	N/A	N/A	May 21, 2026	THN
NONE	WIRED:6AA86E804...	A Bipartisan Amendment Would End Police License Plate Tracking Nationwide_WIRED:6AA86E80438522AC4AD16F6730E8961C One line tucked into a federal highway bill would strip funds from cities and states unless they kill their automated plate tracking programs—effec...	N/A	N/A	May 20, 2026	WIRED
NONE	672774B4-07B4-	poc-gitcliff-injection_672774B4-07B4-553F-BC64-8D12CA3A870E poc-gitcliff-injection...	N/A	N/A	May 20, 2026	GITHUBEXPLOIT
NONE	H1:3747959	curl: curl –skip-existing has a TOCTOU race that lets a post-check symlink redirect the later download write_H1:3747959 ## Summary: The curl CLI's `--skip-existing` option performs a separate existence check before the download body is written. In the verified path, ...	N/A	N/A	May 19, 2026	HACKERONE
NONE	108B5C3B-AD91-	drupal-sa-core-2026-004-lab_108B5C3B-AD91-501B-9F9D-A7F4DC457879 SA-CORE-2026-004 — Lab, PoC, and Post-mortem Drupal core SQL injection via Entity Query condition value array keys. Disclosed 2026-05-20 17:00 UTC....	N/A	N/A	May 20, 2026	GITHUBEXPLOIT
NONE	E7939204-B239-	CVE-PoC_E7939204-B239-5FC5-952F-67D7D9990C9C No description provided...	N/A	N/A	May 20, 2026	GITHUBEXPLOIT
NONE	MSSECURE:6D00E9...	Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft_MSSECURE:6D00E966D9372364C645950D0C2319E5 Microsoft has identified an active supply chain attack targeting the _@antv_ node package manager (npm) package ecosystem. A threat actor compromis...	N/A	N/A	May 20, 2026	MSSECURE
NONE	WIRED:FA398F51B...	A New York Cop Got Injured at a Boxing Match. Now Madison Square Garden Is Banning His Lawyer_WIRED:FA398F51BBA9F45ECD9ED462D51792E0 Attorney John Scola is representing a police officer who is suing over injuries allegedly sustained while working security at an MSG property in 2025.	N/A	N/A	May 20, 2026	WIRED