HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	MSF:POST-LINUX-	Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure_MSF:POST-LINUX-GATHER-CVE_2026_46333_CHAGE- This module exploits a race condition in the Linux kernel doexit teardown path affecting ptracemayaccess. During process termination, privileged fi...	N/A	N/A	Jun 16, 2026	METASPLOIT
HIGH 7.8	MS:CVE-2026-50656	Microsoft Defender Elevation of Privilege Vulnerability_MS:CVE-2026-50656 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlan...	N/A	N/A	Jun 16, 2026	MSCVE
HIGH 7.7	THN:C70D8BC2816...	Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting_THN:C70D8BC28161A5329790CE84AF7C8F85 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpiAGZTnvo43enaVYkna4ZSp217mwwW5kW8kZOhaSiLAxicjvHQY-3d8rdLN47bsRvxUIj6R0h_Ttr8NcIJr...	N/A	N/A	Jun 16, 2026	THN
HIGH 8.1	CVE-2026-50891	CVE-2026-50891_CVE-2026-50891 Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request.	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50881	CVE-2026-50881_CVE-2026-50881 Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator ...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50875	CVE-2026-50875_CVE-2026-50875 Incorrect access control in the /{form}/webhooks/{webhook} endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or d...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50874	CVE-2026-50874_CVE-2026-50874 An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arb...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.4	CVE-2026-39118	CVE-2026-39118_CVE-2026-39118 An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restric...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 7.3	CVE-2026-12318	Incorrect boundary conditions in the Libraries component in NSS_CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152.	Mozilla	Firefox 152	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-12317	Memory safety bug fixed in Thunderbird 152_CVE-2026-12317 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.	Mozilla	Firefox 152	Jun 16, 2026	CVE