CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.4	CVE-2026-42321	GLPI has stored XSS in asset locks_CVE-2026-42321 GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS pay...	glpi-project	glpi >= 10.0.4, < 10.0.25	Jun 3, 2026	CVE
MEDIUM 5.9	CVE-2026-42320	GLPI vulnerable to arbitrary file access_CVE-2026-42320 GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read a...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
HIGH 7	CVE-2026-42318	GLPI Vulnerable to Arbitrary Item Deletion via Planning Endpoint_CVE-2026-42318 GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users wi...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
HIGH 7	CVE-2026-42317	GLPI vulnerable to arbitrary files deletion by technician_CVE-2026-42317 GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-3276	Potential DoS via quadratic complexity in unicodedata.normalize()_CVE-2026-3276 unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters wi...	Python Software Foundation	CPython	Jun 3, 2026	CVE
NONE	THN:EBEF4474475...	Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT_THN:EBEF4474475574D09B83167D16690C6D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpQ6QXxFH4zkfeHGdcm1WXVcNXMpyJm-1dlZLbFCdp6rKDRhuwICzYaKaR-rCpn61qod6A1F98PZejZbmYux...	N/A	N/A	Jun 3, 2026	THN
NONE	QUALYSBLOG:CB6A...	Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD * * * #### Executive Summary _Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery net...	N/A	N/A	Jun 3, 2026	QUALYSBLOG
NONE	8D02FC42-E11E-	ParamStriker_8D02FC42-E11E-5436-870C-E4CD77B99D8D ParamStriker Offline JSON & Query Parameter Exploit Framework by Mohnad Alshobaili · X: @Mohnad ParamStriker is a offensive, offline payload-genera...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	D2A2BDA2-A827-	Exploit for CVE-2026-35904_D2A2BDA2-A827-5C81-ACD9-A68148EC42CC T3 Technology CPE — Security Advisories Multiple critical vulnerabilities discovered in T3 Technology CPE ONU/Router devices deployed by TrueOnline...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
HIGH 7.7	THN:080A0E674D1...	Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag_THN:080A0E674D16A0E41BA6F5E8E1F2D4E0 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_pEYWDRVadGL0WYM3iSY6jqFgBez8snXgoyeyAzcXNmxiytv-FgiKoBJX3aPivuYhSJjXp4o_zO1dQSIPUf...	N/A	N/A	Jun 3, 2026	THN