Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-11526

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::I...

RURBAN GD CVE
CRITICAL 9.8 CVE-2026-8935

Advanced Google Maps < 6.1.1 - Unauthenticated Administrator Account Creation

The WP MAPS PRO WordPress plugin before 6.1.1 registers an unauthenticated AJAX action which, given a valid nonce that is publicly emitted on any f...

Unknown WP MAPS PRO CVE
CRITICAL 9.3 13CA0CE8-12D1-54FC-9A7F-66AE9C6F4402

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2026-41157

GPU DDK – OOB Write in CalculateNPOTTwiddleSparsePageMap3D

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space...

Imagination Technologies Graphics DDK 1.18 RTM, 23.2 RTM, 24.2 RTM, 25.1 RTM, 26.1 RTM CVE
CRITICAL 9.8 CVE-2026-9862

Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability

Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker ...

Fortra Core Privileged Access Manager (BoKS) boks-server 8.1.0.0 CVE
CRITICAL 9.2 DE40BC6F-7F50-5F83-B654-AEE371F307C5

Exploit for CVE-2026-9277

CVE-2026-9277 - Shell-Quote Command Injection Exploit. A specialized Proof of Concept (PoC) exploit script designed to verify and demonstrate CVE-2026...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 CVE-2026-52704

WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...

Edgar Rojas WooCommerce PDF Invoice Builder n/a CVE
CRITICAL 9.3 CVE-2026-5482

Remote Code Execution via Unrestricted File Upload in Responsive FileManager

Responsive FileManager allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint...

Tecrail Responsive FileManager 9.14.0 CVE
CRITICAL 9.2 CVE-2026-49757

OAuth2/OIDC account takeover in AshAuthentication via email-based user matching

Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication allows account takeover of local users via OAuth2/OIDC sign-in. ...

team-alembic ash_authentication 0.1.0 CVE
CRITICAL 9.1 FC17B1E5-1DBA-5684-A537-D7493B9D3AEA

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Treck Tcp/Ip

No description provided...

N/A N/A GITHUBEXPLOIT