Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 CVE-2026-46695

BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files_CVE-2026-46695

Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untruste...

boxlite-ai boxlite < 0.9.0 CVE
CRITICAL 9.8 4116E80D-924A-

Exploit for Heap-based Buffer Overflow in Microsoft_4116E80D-924A-5725-8D0C-07D1C0469E98

CVE-2026-47291 Overview RCE exploit for CVE-2026-47291 targeting Windows HTTP.sys. Triggers a heap-based buffer overflow through integer overflow i...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 642054C4-1CED-

Exploit for CVE-2026-9067_642054C4-1CED-5BD6-887A-6F06F63071F5

POC & Xploit - Proof of Concept Directory Documentation and exploits for vulnerabilities found in a WordPress security testing environment. ---...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 CVE-2026-36727

CVE-2026-36727_CVE-2026-36727

An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forge...

bookcars bookcars v8.3 CVE
CRITICAL 9.9 CVE-2026-50566

Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation_CVE-2026-50566

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...

fission fission < 1.24.0 CVE
CRITICAL 9.9 CVE-2026-50564

Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape_CVE-2026-50564

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...

fission fission < 1.24.0 CVE
CRITICAL 9.9 CVE-2026-50563

Fission Container Executor Function PodSpec Injection Leading to Node Escape_CVE-2026-50563

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...

fission fission < 1.24.0 CVE
CRITICAL 9.9 CVE-2026-50545

Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover_CVE-2026-50545

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...

fission fission < 1.24.0 CVE
CRITICAL 9.8 CVE-2026-46614

Fission router exposes /fission-function// on its public listener, allowing invocation of any function without an HTTPTrigger_CVE-2026-46614

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...

fission fission < 1.23.0 CVE
CRITICAL 9.8 CVE-2026-20253

Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise_CVE-2026-20253

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated us...

Splunk Splunk Enterprise 10.2 CVE