HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-10823	YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure_CVE-2026-10823 The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supp...	Unknown	YMC Filter	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-57920	CVE-2026-57920_CVE-2026-57920 Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints.	Peplink	InControl	Jun 26, 2026	CVE
HIGH 8	CVE-2026-40711	CVE-2026-40711_CVE-2026-40711 Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) ...	Dell	Container Storage Modules	Jun 26, 2026	CVE
HIGH 8.8	THN:6D4443E362E...	New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets_THN:6D4443E362E8561963B28C32694425B5 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidrcFiZh5KSQ9sYpF7Fafoy8kYny6olyD5WlY_oaAdYt0krMeOL8eNiTItqYmEmJ55wueKdZJlhIKMun7kwQ...	N/A	N/A	Jun 26, 2026	THN
HIGH 8.8	CF7939CB-77F8-	Exploit for CVE-2026-43503_CF7939CB-77F8-5507-B35A-608D578D47B0 No description provided...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 7.1	CVE-2026-57918	CVE-2026-57918_CVE-2026-57918 libnfs through 6.0.2 before f0b109d has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a cra...	sahlberg	libnfs	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57913	CVE-2026-57913_CVE-2026-57913 Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.	Johnson & Johnson	Audit Tracking Management System	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57912	CVE-2026-57912_CVE-2026-57912 Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by in...	Johnson & Johnson	Campus Recruiting	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-13325	Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces_CVE-2026-13325 A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the t...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 26, 2026	CVE
HIGH 7.1	CVE-2025-7958	CVE-2025-7958_CVE-2025-7958 A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using t...	Trellix	Trellix Network Security NX, EX, FX, AX, and CMS 10.0.4	Jun 26, 2026	CVE