CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-40495	FOSSBilling version exposed via asset cache buster_CVE-2026-40495 FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache ...	FOSSBilling	FOSSBilling < 0.8.0	Jun 3, 2026	CVE
LOW 2	CVE-2026-10766	mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash_CVE-2026-10766 A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/...	n/a	mlrun 1.12.0-rc1	Jun 3, 2026	CVE
CRITICAL 9.8	3BCADBAC-E6C7-	Exploit for Prototype Pollution in Cure53 Dompurify_3BCADBAC-E6C7-5B3A-84E1-6938398220F9 DOMPurify re-clone bypass. Instead of relying on easily stripped source comments or version variables, this tool performs logic fingerprinting on m...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	MSF:EXPLOIT-MULTI-	Gogs Git Rebase Argument Injection RCE_MSF:EXPLOIT-MULTI-HTTP-GOGS_REBASE_RCE- This module exploits an argument injection vulnerability in the pull request merge flow of Gogs is parsed by Git as the --exec flag rather than a p...	N/A	N/A	Jun 3, 2026	METASPLOIT
CRITICAL 9.2	8AD1A192-E34A-	Exploit for CVE-2026-42945_8AD1A192-E34A-5E8C-A3B9-4AAECCED2A20 No description provided...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.5	243CDB42-BE28-	Exploit for CVE-2026-2256_243CDB42-BE28-5810-BB45-078630950EB9 CVE-2026-2256-Threat-Model----ms-agent-Command-Injection...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	MALWAREBYTES:25...	We found this fake-invoice campaign while scammers were still building it_MALWAREBYTES:25837C9966B4BAC9D5751BE5031B9FC8 A new batch of fake payment invoices is being staged right now, and we caught the campaign while it was still being put together. The emails impers...	N/A	N/A	Jun 3, 2026	MALWAREBYTES
NONE	WIRED:1EAF5DF8A...	xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity_WIRED:1EAF5DF8A74C5E2543ACF401BFDFAF11 Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or...	N/A	N/A	Jun 3, 2026	WIRED
MEDIUM 5.3	CVE-2026-42507	Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507 When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject ...	Go standard library	net/textproto	Jun 2, 2026	CVE
NONE	THN:39C53E79409...	WhatsApp, Slack Notifications Could Hijack Google Gemini on Android_THN:39C53E7940941BA527D7D41B5E56D8C8 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCJpW9I-QTgQOkP7AV3rwUtEOEs96ek2ySR06Go-xq5AThZV84qY3mDN1Dkh0oQ-94jZHc7zB21ax9ljU0dW...	N/A	N/A	Jun 3, 2026	THN