metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	MSF:EXPLOIT-MULTI-	ChurchCRM Unauthenticated RCE 6.8.0_MSF:EXPLOIT-MULTI-HTTP-CHURCHCRM_INSTALL_UNAUTH_RCE- This module exploits an unauthenticated remote code execution vulnerability in the installation process of ChurchCRM versions 6.8.0 and earlier. By...	N/A	N/A	Feb 16, 2026	METASPLOIT
NONE	MSF:EXPLOIT-FREEBSD-	FreeBSD rtsold/rtsol DNSSL Command Injection_MSF:EXPLOIT-FREEBSD-MISC-RTSOLD_DNSSL_CMDINJECT- This module exploits a command injection vulnerability CVE-2025-14558 in FreeBSD's rtsol8 and rtsold8 programs. These programs do not validate the ...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Unauthenticated Template Import_MSF:EXPLOIT-MULTI-HTTP-XERTE_UNAUTHENTICATED_TEMPLATE_IMPORT_RCE- This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Specifical...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Upload Image_MSF:EXPLOIT-MULTI-HTTP-XERTE_AUTHENTICATED_RCE_UPLOADIMAGE- This module exploits the user template file import function's unrestricted file upload in versions 3.14 and earlier to upload and execute a shell. ...	N/A	N/A	Feb 13, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	SolarWinds Web Help Desk unauthenticated RCE_MSF:EXPLOIT-MULTI-HTTP-SOLARWINDS_WEBHELPDESK_RCE- This module exploits an access control bypass vulnerability CVE-2025-40536 and an unsafe deserialization vulnerability CVE-2025-40551 to achieve un...	N/A	N/A	Feb 13, 2026	METASPLOIT
NONE	MSF:EXPLOIT-MULTI-	Xerte Online Toolkits Arbitrary File Upload – Import Language_MSF:EXPLOIT-MULTI-HTTP-XERTE_UNAUTHENTICATED_IMPORTLANGUAGE- This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Module Opt...	N/A	N/A	Feb 13, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061_MSF:EXPLOIT-LINUX-TELNET-GNU_INETUTILS_AUTH_BYPASS- The telnetd service from GNU InetUtils is vulnerable to authentication-bypass, tracked as CVE-2026-24061, in versions up to version 2.7. During Tel...	N/A	N/A	Feb 12, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	Ivanti Endpoint Manager Mobile (EPMM) unauthenticated RCE_MSF:EXPLOIT-LINUX-HTTP-IVANTI_EPMM_RCE- This module exploits a OS command injection issue in Ivanti Endpoint Manager Mobile EPMM, formerly known as MobileIron. A remote attacker can achie...	N/A	N/A	Feb 10, 2026	METASPLOIT
CRITICAL 9.8	MSF:AUXILIARY-GATHER-	Gladinet CentreStack/Triofox Path Traversal_MSF:AUXILIARY-GATHER-GLADINET_STORAGE_PATH_TRAVERSAL_CVE_2025_11371- This module exploits a path traversal vulnerability CVE-2025-11371 in Gladinet CentreStack and Triofox that allows an unauthenticated attacker to r...	N/A	N/A	Feb 4, 2026	METASPLOIT
NONE	MSF:AUXILIARY-GATHER-	Gladinet CentreStack/Triofox Access Ticket Forge_MSF:AUXILIARY-GATHER-GLADINET_STORAGE_ACCESS_TICKET_FORGE- This module forges access tickets for the Gladinet CentreStack/Triofox /storage/filesvr.dn endpoint. The vulnerability exists because the applicati...	N/A	N/A	Feb 4, 2026	METASPLOIT