news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-49954	Discuz! X5.0 Local File Inclusion via enable_disable.php Plugin Directory_CVE-2026-49954 Discuz! X5.0 releases 20260320 through 20260501 contain a local file inclusion vulnerability that allows authenticated administrators to execute ar...	Discuz!	Discuz! X5.0 20260320	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-49953	Discuz! X5.0 CAPTCHA Bypass via Predictable Character Set_CVE-2026-49953 Discuz! X5.0 releases 20260320 through 20260501 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat chal...	Discuz!	Discuz! X5.0 20260320	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-49952	Discuz! X5.0 Authentication Bypass via dbbak.php Encryption Oracle_CVE-2026-49952 Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gai...	Discuz!	Discuz! X5.0 20260320	Jun 15, 2026	CVE
CRITICAL 9.8	CVE-2026-48114	Metacat has an unauthenticated SQL injection vulnerability_CVE-2026-48114 Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthentica...	NCEAS	metacat >= 2.0.0, < 3.0.0	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-47835	Spring AI vector store metadata filtering to handle special characters in Elasticsearch, OpenSearch, and GemFire Vector Stores_CVE-2026-47835 In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, OpenSearch, and GemFire ...	Spring	Spring AI 1.0.0	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-11527	Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle_CVE-2026-11527 Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_...	SHLOMIF	Config::IniFiles	Jun 14, 2026	CVE
HIGH 7.5	CVE-2026-41708	Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability_CVE-2026-41708 In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service (DoS) condition. The applic...	Spring	Spring Cloud Sleuth 3.1.0	Jun 15, 2026	CVE
MEDIUM 6.8	CVE-2026-11931	Insecure Permissions on Authentication Token Cache File in Kiro IDE_CVE-2026-11931 Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other loca...	AWS	Kiro IDE	Jun 15, 2026	CVE
NONE	PACKETSTORM:223427	📄 InnoShop 0.8.2 File Manager File Deletion / Path Traversal_PACKETSTORM:223427 This Metasploit module exploits a path traversal vulnerability in the InnoShop version 0.8.2's File Manager API. The destroyFiles endpoint does not...	N/A	N/A	Jun 15, 2026	PACKETSTORM
NONE	PACKETSTORM:223456	📄 Netis N5VN AC1200 1.0.1.1742 Buffer Overflow / Denial of Service_PACKETSTORM:223456 A buffer overflow vulnerability in the Netis N5VN AC1200 router allows an attacker to crash the web server by sending a crafted request. Version 1....	N/A	N/A	Jun 15, 2026	PACKETSTORM