CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.6	CVE-2026-44211	Cline Kanban Server has a Cross-Origin WebSocket Hijacking Vulnerability_CVE-2026-44211 Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hij...	cline	cline <= 2.13.0	Jun 1, 2026	CVE
CRITICAL 9.3	CVE-2026-42672	WordPress WP Directory Kit plugin <= 1.5.1 - SQL Injection vulnerability_CVE-2026-42672 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blin...	Wp Directory Kit	WP Directory Kit n/a	Jun 1, 2026	CVE
CRITICAL 9.4	CVE-2026-8931	Critical RCE vulnerability in Disig Web Signer_CVE-2026-8931 A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3.	Disig	Web Signer 2.0.3	Jun 1, 2026	CVE
CRITICAL 9.8	CVE-2026-48879	WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability_CVE-2026-48879 Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17.	Sergey	AIWU n/a	Jun 1, 2026	CVE
CRITICAL 9.6	CVE-2026-48866	WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability_CVE-2026-48866 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Travers...	Rocketgenius Inc.	Gravity Forms n/a	Jun 1, 2026	CVE
CRITICAL 9.1	CVE-2026-42682	WordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerability_CVE-2026-42682 Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue a...	Tomdever	wpForo Forum n/a	Jun 1, 2026	CVE
CRITICAL 9.8	CVE-2026-42680	WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability_CVE-2026-42680 Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This ...	Wasiliy Strecker / ContestGallery developer	Contest Gallery Pro n/a	Jun 1, 2026	CVE
CRITICAL 9.2	CVE-2026-0826	Poly Voice – Possible Remote Control of Certain Poly Devices_CVE-2026-0826 In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution ...	HP Inc.	poly_trio_8300	Jun 1, 2026	CVE
CRITICAL 9.1	THN:711BE162D07...	⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More_THN:711BE162D073F1D187589FE4F3A55056 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV-leTG-MQremNN5Ju342L6LQMn36xeD4jiS4YWT7EdYluHOtFDqIN8y3bQuV-A0D0wtsO5sRpG3Bpy5xdHh...	N/A	N/A	Jun 1, 2026	THN
CRITICAL 9.2	589E6F35-B762-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi_589E6F35-B762-5B4B-B0FB-962CF7D8A206 CVE-2026-27886 Strapi PoC For authorized security testing only. Strapi leaking sensitive data via relational filtering due to lack of query sanitiz...	N/A	N/A	Jun 1, 2026	GITHUBEXPLOIT