tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.7	CVE-2026-46717	Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification_CVE-2026-46717 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, nezha's...	nezhahq	nezha >= 1.4.0, < 2.0.8	Jun 12, 2026	CVE
CRITICAL 9.9	CVE-2026-46716	Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron_CVE-2026-46716 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleM...	nezhahq	nezha >= 1.4.0, < 2.0.8	Jun 12, 2026	CVE
MEDIUM 5.3	CVE-2026-12131	CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection_CVE-2026-12131 A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \appl...	CodeAstro	Human Resource Management System 1.0	Jun 12, 2026	CVE
NONE	484E67D2-FECD-	webstrike-framework_484E67D2-FECD-5024-AF09-510AF1A0AC36 WebStrike — Automated Web Pentesting Framework Created by NiMAA. A modular orchestration engine that conducts best-in-class Kali tools through a ph...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
NONE	HACKREAD:B57203...	Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware_HACKREAD:B5720306F380B6EEC3BB344B8B5E795A Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.	N/A	N/A	Jun 12, 2026	HACKREAD
NONE	THN:96229A308F6...	Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit_THN:96229A308F6E8434EB574698CBB95EB6 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoaB3XILLCN-oMr8vicgye6mcqKGYsgqgxPAGunmwASyrP3c7XgAxJTV8tsVPuRSmJ8ia7SZdS8hyphenhyp...	N/A	N/A	Jun 12, 2026	THN
CRITICAL 9.8	F0C31C9B-0A65-	Exploit for CVE-2026-20253_F0C31C9B-0A65-5448-9175-384AF0B76ABF No description provided...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
HIGH 8.6	5581E532-E0A6-	Exploit for CVE-2026-20230_5581E532-E0A6-5210-9EB3-48C5BA4A5411 CVE-2026-20230 Scanner A Python-based scanner and validation tool for identifying potentially vulnerable Cisco Unified Communications Manager Unifi...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
HIGH 7.5	3F8B37D2-6288-	Exploit for Uncontrolled Resource Consumption in Solarwinds Serv-U_3F8B37D2-6288-5724-B73B-D65A8373E501 SolarWinds Serv-U Unauthenticated DoS: Safe Detection Script A safe, non-destructive detector for CVE-2026-28318, an unauthenticated denial-of-serv...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
MEDIUM 5.3	CVE-2026-9641	Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations_CVE-2026-9641 Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which ...	ARODLAND	Crypt::PBKDF2	Jun 12, 2026	CVE