HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-35259	CVE-2026-35259_CVE-2026-35259 {“lastseen”:””,”description”:””,”published”:”2026-06-16T19:26:54.081Z”,&#82...	Oracle Corporation	WebLogic Server 14.1.2.0.0	Jun 16, 2026	CVE
HIGH 8.7	CVE-2026-35258	CVE-2026-35258_CVE-2026-35258 {“lastseen”:””,”description”:””,”published”:”2026-06-16T19:26:53.762Z”,&#82...	Oracle Corporation	WebLogic Server 14.1.2.0.0	Jun 16, 2026	CVE
HIGH 7.4	CVE-2026-12348	Address Bar Spoofing in Arc Search for Android (window.open race condition)_CVE-2026-12348 Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-con...	The Browser Company of New York`	Arc Search	Jun 16, 2026	CVE
HIGH 7.1	MSF:POST-LINUX-	Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure_MSF:POST-LINUX-GATHER-CVE_2026_46333_CHAGE- This module exploits a race condition in the Linux kernel doexit teardown path affecting ptracemayaccess. During process termination, privileged fi...	N/A	N/A	Jun 16, 2026	METASPLOIT
HIGH 7.8	MS:CVE-2026-50656	Microsoft Defender Elevation of Privilege Vulnerability_MS:CVE-2026-50656 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlan...	N/A	N/A	Jun 16, 2026	MSCVE
HIGH 7.7	THN:C70D8BC2816...	Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting_THN:C70D8BC28161A5329790CE84AF7C8F85 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpiAGZTnvo43enaVYkna4ZSp217mwwW5kW8kZOhaSiLAxicjvHQY-3d8rdLN47bsRvxUIj6R0h_Ttr8NcIJr...	N/A	N/A	Jun 16, 2026	THN
HIGH 8.1	CVE-2026-50891	CVE-2026-50891_CVE-2026-50891 Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request.	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50881	CVE-2026-50881_CVE-2026-50881 Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator ...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50875	CVE-2026-50875_CVE-2026-50875 Incorrect access control in the /{form}/webhooks/{webhook} endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or d...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50874	CVE-2026-50874_CVE-2026-50874 An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arb...	n/a	n/a n/a	Jun 15, 2026	CVE