CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-41235	Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement_CVE-2026-41235 Froxlor is open source server administration software. Version 2.3.6 lets administrators configure `system.available_shells` as the approved shell ...	froxlor	froxlor = 2.3.6	Jun 4, 2026	CVE
HIGH 7.6	CVE-2026-41234	Froxlor: BIND Zone File Injection via TXT Record Content_CVE-2026-41234 Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline charact...	froxlor	froxlor < 2.3.7	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-40898	quic-go: HTTP/3 QPACK Trailer Expansion Memory Exhaustion_CVE-2026-40898 quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HT...	quic-go	quic-go < 0.59.1	Jun 4, 2026	CVE
MEDIUM 6.5	CVE-2026-36499	CVE-2026-36499_CVE-2026-36499 A missing upper-bound check in the udpif_set_threads() function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an ex...	n/a	n/a n/a	Jun 4, 2026	CVE
CRITICAL 9.8	CVE-2025-71316	SQLite sqldiff remote code execution via argument injection_CVE-2025-71316 SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker c...	SQLite	sqldiff	Jun 4, 2026	CVE
MEDIUM 6.3	CVE-2025-65640	CVE-2025-65640_CVE-2025-65640 Cross Site Scripting (XSS) vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper san...	n/a	n/a n/a	Jun 4, 2026	CVE
CRITICAL 9.8	18D066FB-7925-	Exploit for Stack-based Buffer Overflow in Microsoft_18D066FB-7925-51D0-8F62-50C464096DBA CVE-2026-41089 !TIP If the setup does not start, add the folder to the allowed list or pause protection for a few minutes. !CAUTION Some security s...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
NONE	HACKREAD:E76C8A...	iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil_HACKREAD:E76C8A57911F89FC6DCB15EC931ED6CD iFood confirms a data breach affecting 1.2 million customers in Brazil, while hackers on BreachForums claim the actual theft is much larger.	N/A	N/A	Jun 4, 2026	HACKREAD
NONE	WIRED:C77ECB950...	Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones_WIRED:C77ECB95084C1F6FBDFEEA6C41728C41 Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to identify people ...	N/A	N/A	Jun 4, 2026	WIRED
NONE	A9B6C43D-FF27-	poc-exploit-github-actions-pull-request-write-vuln-demo_A9B6C43D-FF27-5DDF-B085-77847F1EAC37 No description provided...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT