CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.7	CVE-2026-20254	Information Disclosure through External Content Restriction Bypass in Splunk Enterprise_CVE-2026-20254 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2...	Splunk	Splunk Enterprise 10.2	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2026-20253	Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise_CVE-2026-20253 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated us...	Splunk	Splunk Enterprise 10.2	Jun 10, 2026	CVE
HIGH 7.6	CVE-2026-20252	Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise_CVE-2026-20252 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.25...	Splunk	Splunk Enterprise 10.2	Jun 10, 2026	CVE
HIGH 8.8	CVE-2026-20251	Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway_CVE-2026-20251 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507....	Splunk	Splunk Enterprise, Splunk Cloud Platform, Splunk Secure Gateway 10.2.4, 10.0.7, 9.4.12, 9.3.13, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, 9.3.2411.132, 3.10.6, 3.9.20, 3.8.67	Jun 10, 2026	CVE
MEDIUM 4.7	CVE-2026-11596	CVE-2026-11596_CVE-2026-11596 In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user with Host ...	ConnectWise	ScreenConnect All versions prior to 26.2	Jun 10, 2026	CVE
HIGH 7.3	CVE-2026-11417	OS Command Injection in NodejsFunction Bundling in aws-cdk-lib_CVE-2026-11417 OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who cont...	AWS	AWS Cloud Development Kit library	Jun 10, 2026	CVE
MEDIUM 5.4	CVE-2026-11626	Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool_CVE-2026-11626 CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whe...	Broadcom	Symantec Endpoint Protection CleanWipe Removal Tool 16.0.0.65	Jun 10, 2026	CVE
MEDIUM 5.3	CVE-2026-10740	Excessive memory allocation in s2n-quic_CVE-2026-10740 Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of...	AWS	s2n-quic	Jun 10, 2026	CVE
NONE	EAA30576-08C9-	Exploit for CVE-2026-49413_EAA30576-08C9-53A7-9133-3FE75D35DC8A ...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
NONE	MALWAREBYTES:95...	Free Spotify Premium hacks on social media are spreading infostealers_MALWAREBYTES:95A8ECD9872DF7229220B505B4643076 Short-form video platforms like TikTok and Instagram Reels have become the latest way cybercriminals spread malware. We've already seen attackers ...	N/A	N/A	Jun 10, 2026	MALWAREBYTES