HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	8368E8ED-03A4-	sslpwn_8368E8ED-03A4-58E7-BF10-DEA012DCAC12 sslpwn sslpwn is a security research tool for testing web applications against eight well-known SSL/TLS vulnerabilities: - BEAST CVE-2011-3389 - TL...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
HIGH 8.7	CVE-2026-12806	Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow_CVE-2026-12806 A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSur...	Edimax	BR-6478AC V2 1.23	Jun 21, 2026	CVE
HIGH 10	48CB0B24-8B26-	create-poc-template-skills_48CB0B24-8B26-5239-AC5C-FDFA59633797 create-poc-template 中文 A skill for AI coding agents, containing the full development reference for Pocsuite3 and Nuclei — so agents stop hallucin...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
HIGH 8.7	CVE-2026-56396	phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()_CVE-2026-56396 phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated admini...	phpMyFAQ	phpMyFAQ	Jun 21, 2026	CVE
HIGH 7.1	CVE-2026-56394	Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394 Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not va...	craftcms	cms 4.0.0-RC1	Jun 21, 2026	CVE
HIGH 8.6	CVE-2026-56382	Craft CMS – Remote Code Execution via Missing Config Sanitization in FieldsController_CVE-2026-56382 Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and	craftcms	cms 5.5.0	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56253	Capgo – Unauthenticated Organization Member Email Disclosure via get_org_members RPC_CVE-2026-56253 Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated atta...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7	CVE-2026-56251	Capgo – Privilege Escalation via Broken Row Level Security in org_users_CVE-2026-56251 Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56242	Capgo – Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC_CVE-2026-56242 Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for suppli...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.2	CVE-2026-56239	Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage_CVE-2026-56239 Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which pe...	Capgo	Capgo	Jun 21, 2026	CVE