Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.6 CVE-2026-46609

Umbraco.Cms: XSS/HTML Injection in Umbraco Backoffice confirmation dialog_CVE-2026-46609

Umbraco is an ASP.NET CMS. From version 14.0.0 to before version 17.4.0, authenticated users are able to inject HTML into an input field, which is ...

umbraco Umbraco-CMS >= 14.0.0, < 17.4.0 CVE
HIGH 7.3 PACKETSTORM:223138

IO-Compress 2.219 Eval Injection_PACKETSTORM:223138

An eval injection vulnerability in File::GlobMapper::getFiles allows any attacker who can control the output fileglob argument passed to IO::Compre...

N/A N/A PACKETSTORM
HIGH 7.8 8C72560D-2636-

Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager_8C72560D-2636-5AF7-9D4F-7FFB1220841A

CVE-2026-20245 - Cisco SD-WAN Privilege Escalation Exploit ⚠️ WARNING This code is ONLY for educational purposes and authorized security testing...

N/A N/A GITHUBEXPLOIT
NONE AKAMAIBLOG:00AB...

AI Security at Machine Speed: A Roadmap for Modern AppSec_AKAMAIBLOG:00ABA4870084DBC353F210490AF2A2E9

With AI API calls set to grow 1,000x by 2027, you need a roadmap to secure your enterprise against agentic threats.

N/A N/A AKAMAIBLOG
NONE IMPERVABLOG:D06...

Compromise OpenClaw with Prompt Injections in Message Objects_IMPERVABLOG:D06A355BA05D202BF3E55F55482F3703

Executive Summary: As powerful personal AI assistants become increasingly widespread, their ability to access tools, files, and external service...

N/A N/A IMPERVABLOG
NONE QUALYSBLOG:447B...

Turning Millions of Risks Into One Actionable List_QUALYSBLOG:447BE922EBAC78917EAF0D9F71F3F9A4

Every security leader walks into Monday morning with the same question. The findings are there. The dashboards are running. But out of the thousand...

N/A N/A QUALYSBLOG
NONE HACKREAD:C2F426...

ServiceNow Discloses Security Incident Exposing Customer Data_HACKREAD:C2F426599D1D2627248D0199E9B36EA3

ServiceNow applied a security update after an API access issue exposed customer data, with affected firms notified through direct support cases.

N/A N/A HACKREAD
NONE MSSECURE:1ECB34...

Turn specs into evals for any agent with ASSERT_MSSECURE:1ECB348FC0AA441A218114758381F79D

Today, we’re releasing Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT), an open-source framework for turning natural-la...

N/A N/A MSSECURE
CRITICAL 9.8 THN:F7E7D468AF7...

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance_THN:F7E7D468AF7210FBEDEFCF347D48B054

N/A N/A THN
HIGH 8.5 PACKETSTORM:223093

Chatwoot 4.11.1 SQL Injection_PACKETSTORM:223093

This Metasploit module targets an authenticated SQL injection vulnerability in the conversation filtering functionality of Chatwoot instances up to...

N/A N/A PACKETSTORM