HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	CVE-2026-10763	CVE-2026-10763_CVE-2026-10763 PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server.	Hitachi Energy	PROMOD V 1.0.0	Jun 30, 2026	CVE
HIGH 7.3	201DCF14-1AAA-	wp-exploit_201DCF14-1AAA-5BD3-BC87-3A8A7BBBCF54 🚀 FULLCVE-2026-6433 Advanced WordPress Exploitation Framework --- 📖 Overview FULLCVE-2026-6433 is a modular, high-performance toolkit designed to...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.8	54DE62F9-A0CE-	Exploit for Use After Free in Google Android_54DE62F9-A0CE-554B-A9D1-FCB05FE5250D Root Sonim XP3800 Root access for the Sonim XP3800 XP3plus. Two paths are available — choose whichever fits your situation. Two paths to root Optio...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.2	CVE-2026-56808	CVE-2026-56808_CVE-2026-56808 DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution wi...	AVTECH Security Corporation	DGM3103SCT firmware version 3.2.5.4 and prior	Jun 30, 2026	CVE
HIGH 7.8	CVE-2026-56137	CVE-2026-56137_CVE-2026-56137 RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-fi...	Gotcha Gotcha Games Inc.	RPG MAKER MV 1.6.3 and earlier	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-14164	Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()_CVE-2026-14164 A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer m...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
HIGH 8	CVE-2026-12240	Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field_CVE-2026-12240 The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize func...	qlstudio	Export User Data	Jun 30, 2026	CVE
HIGH 8.4	CVE-2026-12578	DTMSoft – Deserialization of Untrusted Data Vulnerability_CVE-2026-12578 The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code.	deltaww	DTMSoft *	Jun 30, 2026	CVE
HIGH 8.8	THN:9247B208C4F...	Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs_THN:9247B208C4FFADCDFC198B9F5D16121C ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgEWbrJH-z_uAL6GFaOqplYF1ewSOBvFpaKD24W74VEBaSO-pW3sy0I0e57Bmc9yBKV4vb6zWYaVjd-oTSy2...	N/A	N/A	Jun 30, 2026	THN
HIGH 7	CVE-2026-46309	drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise_CVE-2026-46309 In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise Add v...	Linux	Linux ada7486c5668db542a7d361268df931aca5b726a	Jun 8, 2026	CVE