HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	C2EB4AA1-0C70-	Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server_C2EB4AA1-0C70-5104-AF4C-BC274F5A5B7A http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destructive vulnerability detection tool — for Nginx / Apache httpd Vulnerability Background CVE...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-9848	WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter_CVE-2026-9848 The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, ...	emarket-design	Customer Support Ticket System & Helpdesk	Jun 13, 2026	CVE
HIGH 7	CVE-2026-54230	Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites_CVE-2026-54230 A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shel...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 7	CVE-2026-54229	Abrt: chownproblemdir succeeds during active post-create event processing due to inadequate locking_CVE-2026-54229 A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY ...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 7.8	CVE-2026-54228	Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories_CVE-2026-54228 A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation a...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 8.7	CVE-2026-53868	Capgo < 12.128.2 - Denial of Service via Unverified Email Account Registration and Deletion_CVE-2026-53868 Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without ve...	Capgo	Capgo	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53836	OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases_CVE-2026-53836 OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encode...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.2	CVE-2026-53834	OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands_CVE-2026-53834 OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to ...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.4	CVE-2026-53833	OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command_CVE-2026-53833 OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate...	QQBot	QQBot	Jun 12, 2026	CVE
HIGH 7.4	CVE-2026-53832	OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration_CVE-2026-53832 OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity hea...	OpenClaw	OpenClaw	Jun 12, 2026	CVE