HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.3	22CFEBF4-738A-	Exploit for Missing Authorization in Plane_22CFEBF4-738A-52AD-B1A9-E066D3D33C80 CVE-2026-46558 Plane’s V2 asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one auth...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-13283	CVE-2026-13283_CVE-2026-13283 Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific...	Google	Chrome 149.0.7827.201	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-10823	YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure_CVE-2026-10823 The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supp...	Unknown	YMC Filter	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-57920	CVE-2026-57920_CVE-2026-57920 Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints.	Peplink	InControl	Jun 26, 2026	CVE
HIGH 8	CVE-2026-40711	CVE-2026-40711_CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) ...	Dell	Container Storage Modules	Jun 26, 2026	CVE
HIGH 8.8	THN:6D4443E362E...	New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets_THN:6D4443E362E8561963B28C32694425B5 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidrcFiZh5KSQ9sYpF7Fafoy8kYny6olyD5WlY_oaAdYt0krMeOL8eNiTItqYmEmJ55wueKdZJlhIKMun7kwQ...	N/A	N/A	Jun 26, 2026	THN
HIGH 8.8	CF7939CB-77F8-	Exploit for CVE-2026-43503_CF7939CB-77F8-5507-B35A-608D578D47B0 No description provided...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 7.1	CVE-2026-57918	CVE-2026-57918_CVE-2026-57918 libnfs through 6.0.2 before f0b109d has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a cra...	sahlberg	libnfs	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57913	CVE-2026-57913_CVE-2026-57913 Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.	Johnson & Johnson	Audit Tracking Management System	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57912	CVE-2026-57912_CVE-2026-57912 Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by in...	Johnson & Johnson	Campus Recruiting	Jun 26, 2026	CVE