HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	EC416CA3-37BE-	Exploit for CVE-2026-7654_EC416CA3-37BE-51FE-AC7A-41244A101E66 CVE-2026-7654 CVE-2026-7654 Admin Columns PHP Object Injection RCE Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	7CF479F9-DCFD-	Exploit for CVE-2026-7465_7CF479F9-DCFD-55E9-ACB6-F0D34AD20631 -CVE-2026-7465 CVE-2026-7465 Spectra Gutenberg Blocks Authenticated RCE Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	19A4481C-6D82-	Exploit for CVE-2026-7459_19A4481C-6D82-51BE-9CBD-2BBC039DC9FE CVE-2026-7459 CVE-2026-7459 Simple History Missing Authorization Account Takeover Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	8B9B93FC-8C77-	Exploit for CVE-2026-5415_8B9B93FC-8C77-5E42-B472-87FA60C69926 CVE-2026-5415 CVE-2026-5415 WP Captcha PRO Authenticated Authentication Bypass Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	64C268B8-DAA9-	Exploit for CVE-2026-49083_64C268B8-DAA9-5742-A8DC-477457B77A6F CVE-2026-49083 CVE-2026-49083 LatePoint Calendar Booking Plugin Privilege Escalation Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-12165	Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter_CVE-2026-12165 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all vers...	contest-gallery	Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-12199	Unauthenticated Denial of Service in nltk.app.wordnet_app_CVE-2026-12199 A vulnerability in `nltk.app.wordnet_app` up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when ...	nltk	nltk/nltk unspecified	Jun 17, 2026	CVE
HIGH 8.8	E87C990D-9E3C-	Exploit for Improper Restriction of Names for Files and Other Resources in Microsoft_E87C990D-9E3C-5866-9E3D-36C66A9C5EEF cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.2	CVE-2026-53876	CVE-2026-53876_CVE-2026-53876 RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the r...	Micro-Star International Co., Ltd.	RadiX AX6600 WiFi 6 Tri-Band Gaming Router firmware versions prior to v781521	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-12360	JetEngine <= 3.8.10.1 - Unauthenticated SQL Injection via Listing Grid Load More AJAX Endpoint_CVE-2026-12360 The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listing_load_more AJAX handler ...	Crocoblock	JetEngine	Jun 17, 2026	CVE