CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-9067	Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload_CVE-2026-9067 The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers a...	Unknown	Schema & Structured Data for WP & AMP	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2025-6254	Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation_CVE-2025-6254 The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctre...	AmentoTech	Doctreat Core	Jun 10, 2026	CVE
CRITICAL 9.8	THN:DBB7D43EBD3...	Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs_THN:DBB7D43EBD32D9B6D51C0558B77E438D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDOIX9PorKjXDciuKmL8xLL9vrOVtBou5tBhn4T-u7cgllDKei3HRDr8vsXGM-MllL1eb6E_pdEID5s_sRUx...	N/A	N/A	Jun 10, 2026	THN
CRITICAL 10	D08D4EF5-0307-	Exploit for CVE-2026-10520_D08D4EF5-0307-5336-8253-F56FE19CCC6B CVE-2026-10520 — Ivanti Sentry Mass Scanner Detection scanner for CVE-2026-10520, an OS command injection vulnerability in Ivanti Sentry. Vulnerabi...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	2C789584-82FD-	Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os_2C789584-82FD-5503-B3B1-B5B9573BD5DA 🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass Security research, technical analysis, detection guidance, IOC collection, and defens...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	C1CCFFF3-2CB0-	Exploit for Incorrect Authorization in Vercel Next.Js_C1CCFFF3-2CB0-5007-ACAB-0173D4F36B96 CVE-2025-29927 Lab Minimal reproduction lab for CVE-2025-29927 — Next.js middleware authorization bypass CVSS 9.1. Companion to: N-Day Analysis wri...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.3	CVE-2026-45328	ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers_CVE-2026-45328 ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wr...	espressif	esp-idf = 5.5.4	Jun 10, 2026	CVE
CRITICAL 9.2	CVE-2025-66276	QTS_CVE-2025-66276 QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later	QNAP Systems Inc.	QTS 5.2.0	Jun 10, 2026	CVE
CRITICAL 10	CVE-2026-48303	Adobe Campaign Classic (ACC) \| Incorrect Authorization (CWE-863)_CVE-2026-48303 Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in ar...	Adobe	Adobe Campaign Classic (ACC)	Jun 9, 2026	CVE
CRITICAL 10	CVE-2026-47938	Adobe Campaign Classic (ACC) \| Server-Side Request Forgery (SSRF) (CWE-918)_CVE-2026-47938 Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could re...	Adobe	Adobe Campaign Classic (ACC) 7.4.3 build 9394 and earlier	Jun 9, 2026	CVE