HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	949595CB-7616-	Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox_949595CB-7616-5CAF-AA71-9F8FB7EA1FD8 🚨 CVE-2024-4367 - Universal PDF.js Vulnerability Scanner ⚠️ CRITICAL SECURITY TOOL \| Detects CVE-2024-4367 CVSS 9.8 - PDF.js Remote Code Execution...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
HIGH 10	5D2DB41E-8DDC-	Ingram-Pro_5D2DB41E-8DDC-532D-87E6-D954A3D5D19B Ingram-Pro Network Camera Vulnerability Scanner Enhanced Edition Based on the original Ingram framework, Ingram-Pro extends coverage with 40+ POCs ...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
HIGH 8.7	0AE8E76C-CF25-	Exploit for CVE-2026-7574_0AE8E76C-CF25-54D7-B820-018A4B6FC60D 🚨 CVE-2026-7574 — Claude Desktop Cowork VM Integrity Bypass Anthropic Claude Desktop Cowork VM Image Integrity Bypass 🔥 Local Persistence Through...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
HIGH 8.2	CVE-2026-12490	Bypass of client certificate verification with transfer over TLS_CVE-2026-12490 When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no...	NLnet Labs	NSD 4.10.1	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-12246	Out of bounds stack write with crafted APL RR_CVE-2026-12246 NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite...	NLnet Labs	NSD 4.14.0	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-12245	Denial of DNS over TLS service by any DoT client_CVE-2026-12245 NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be tri...	NLnet Labs	NSD 4.13.0	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-12244	Heap overflow and crash with crafted SVCB RR_CVE-2026-12244 If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted S...	NLnet Labs	NSD 4.14.0	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-12937	Tourfic <= 2.22.7 - Unauthenticated SQL Injection via 'post_id' Parameter_CVE-2026-12937 The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection vi...	themefic	Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin	Jun 25, 2026	CVE
HIGH 8.1	F078596F-EF09-	Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple_F078596F-EF09-5AD1-A7D9-223B4CA40A59 CVE-2019-9053 — CMS Made Simple SQLi Exploit Python 3 Disclaimer: This tool is intended for authorized penetration testing and educational purposes...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
HIGH 7.8	THN:AD3AD8530F9...	Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access_THN:AD3AD8530F92B6335CE622AD7B31FDE5 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3UeGaI_Ej8KFu7-vQHTOuoohYdx04xIdI3W2B6JjCdaTSR6m-y1PAZ-aes-tH9nxtPGO2sFUiu1NwYkwT5s...	N/A	N/A	Jun 25, 2026	THN