CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.6	CVE-2026-48866	WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability_CVE-2026-48866 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Travers...	Rocketgenius Inc.	Gravity Forms n/a	Jun 1, 2026	CVE
CRITICAL 9.1	CVE-2026-42682	WordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerability_CVE-2026-42682 Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue a...	Tomdever	wpForo Forum n/a	Jun 1, 2026	CVE
CRITICAL 9.8	CVE-2026-42680	WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability_CVE-2026-42680 Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This ...	Wasiliy Strecker / ContestGallery developer	Contest Gallery Pro n/a	Jun 1, 2026	CVE
CRITICAL 9.2	CVE-2026-0826	Poly Voice – Possible Remote Control of Certain Poly Devices_CVE-2026-0826 In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution ...	HP Inc.	poly_trio_8300	Jun 1, 2026	CVE
CRITICAL 9.1	THN:711BE162D07...	⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More_THN:711BE162D073F1D187589FE4F3A55056 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV-leTG-MQremNN5Ju342L6LQMn36xeD4jiS4YWT7EdYluHOtFDqIN8y3bQuV-A0D0wtsO5sRpG3Bpy5xdHh...	N/A	N/A	Jun 1, 2026	THN
CRITICAL 9.2	589E6F35-B762-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi_589E6F35-B762-5B4B-B0FB-962CF7D8A206 CVE-2026-27886 Strapi PoC For authorized security testing only. Strapi leaking sensitive data via relational filtering due to lack of query sanitiz...	N/A	N/A	Jun 1, 2026	GITHUBEXPLOIT
CRITICAL 9.1	B28323F0-25A8-	Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os_B28323F0-25A8-5DCC-8A76-D36777FF720C CVE-2026-0257 - Palo Alto Networks GlobalProtect Authentication Override Cookie Forgery Overview CVE-2026-0257 is a medium-severity treat as critic...	N/A	N/A	Jun 1, 2026	GITHUBEXPLOIT
CRITICAL 9.3	591AEE99-21FD-	Exploit for CVE-2026-29000_591AEE99-21FD-5A1C-8280-68F42EB93846 Lab Demo CVE-2026-29000: pac4j-jwt Authentication Bypass Môi trường Lab gọn nhẹ dùng để minh họa và học tập về lỗ hổng CVE-2026-29000 Authenticatio...	N/A	N/A	Jun 1, 2026	GITHUBEXPLOIT
CRITICAL 9.8	E3EC58D4-B32D-	Exploit for CVE-2026-8732_E3EC58D4-B32D-56D8-A0BF-F264EC3BA024 CVE-2026-8732 - WordPress WP Google Map Pro Mass Scanner & Auto Admin Creator 📌 Description This tool exploits CVE-2026-8732, a vulnerability in t...	N/A	N/A	Jun 1, 2026	GITHUBEXPLOIT
CRITICAL 9.8	THN:0ACE1F8B00A...	Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts_THN:0ACE1F8B00AC011E78CEF054F3071566 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR5AZVDVlhPdPOYO4FsyfLsBmtohzgdjmh688BLU6VRpwi-MaKq4XYgE5-ygnQtcUDMKcR8R4-f9IrfiSFpC...	N/A	N/A	Jun 1, 2026	THN