HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	7899990D-54A0-	Exploit for Out-of-bounds Read in Tcpdump_7899990D-54A0-59D2-943B-C68DC3E8E714 ENV-CVE-2020-8036 — tcpdump Vulnerability Reproduction Environment This repository contains a snapshot of the reproducible vulnerability environmen...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-32966	Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure_CVE-2026-32966 DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apach...	Apache Software Foundation	Apache DolphinScheduler	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-9675	undici WebSocket client vulnerable to denial of service via cumulative fragment bypass_CVE-2026-9675 Impact: The undici WebSocket client enforces maxPayloadSize per-frame but does not enforce the cumulative size of fragmented uncompressed messages....	undici	undici 8.0.0	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-53875	picklescan – Scanning Bypass via Dynamic Eval in scan_pytorch_CVE-2026-53875 picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows attackers to embed malicious magic number...	picklescan	picklescan	Jun 17, 2026	CVE
HIGH 8.7	CVE-2026-53872	picklescan – Arbitrary File Read via Unsafe Pickle Deserialization_CVE-2026-53872 picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files ...	picklescan	picklescan	Jun 17, 2026	CVE
HIGH 7.8	CVE-2026-32652	CVE-2026-32652_CVE-2026-32652 Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access c...	Dell	AIOps	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-20190	Cisco Identity Services Engine Information Disclosure Vulnerability_CVE-2026-20190 A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. Th...	Cisco	Cisco Identity Services Engine Software 3.4.0	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-12151	undici WebSocket client vulnerable to denial of service via fragment count bypass_CVE-2026-12151 Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on ...	undici	undici	Jun 17, 2026	CVE
HIGH 8.7	CVE-2025-71322	PickleScan – Unsafe Globals Check Bypass via pty.spawn Function_CVE-2025-71322 PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Maliciou...	PickleScan	PickleScan	Jun 17, 2026	CVE
HIGH 8.6	PACKETSTORM:223698	📄 Discuz! X5.0 Local File Inclusion_PACKETSTORM:223698 This is a Metasploit auxiliary module targeting a local file inclusion vulnerability in Discuz! X5.0...	N/A	N/A	Jun 17, 2026	PACKETSTORM