CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	CVE-2026-42317	GLPI vulnerable to arbitrary files deletion by technician_CVE-2026-42317 GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete...	glpi-project	glpi >= 11.0.0, < 11.0.7	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-3276	Potential DoS via quadratic complexity in unicodedata.normalize()_CVE-2026-3276 unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters wi...	Python Software Foundation	CPython	Jun 3, 2026	CVE
NONE	THN:EBEF4474475...	Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT_THN:EBEF4474475574D09B83167D16690C6D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpQ6QXxFH4zkfeHGdcm1WXVcNXMpyJm-1dlZLbFCdp6rKDRhuwICzYaKaR-rCpn61qod6A1F98PZejZbmYux...	N/A	N/A	Jun 3, 2026	THN
NONE	QUALYSBLOG:CB6A...	Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD * * * #### Executive Summary _Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery net...	N/A	N/A	Jun 3, 2026	QUALYSBLOG
NONE	8D02FC42-E11E-	ParamStriker_8D02FC42-E11E-5436-870C-E4CD77B99D8D ParamStriker Offline JSON & Query Parameter Exploit Framework by Mohnad Alshobaili · X: @Mohnad ParamStriker is a offensive, offline payload-genera...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	D2A2BDA2-A827-	Exploit for CVE-2026-35904_D2A2BDA2-A827-5C81-ACD9-A68148EC42CC T3 Technology CPE — Security Advisories Multiple critical vulnerabilities discovered in T3 Technology CPE ONU/Router devices deployed by TrueOnline...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
HIGH 7.7	THN:080A0E674D1...	Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag_THN:080A0E674D16A0E41BA6F5E8E1F2D4E0 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_pEYWDRVadGL0WYM3iSY6jqFgBez8snXgoyeyAzcXNmxiytv-FgiKoBJX3aPivuYhSJjXp4o_zO1dQSIPUf...	N/A	N/A	Jun 3, 2026	THN
NONE	FEF41599-6B58-	1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291 1-Click GitHub Token Stealing via VSCode Proof-of-Concept exploit for a critical VS Code zero-day vulnerability that allows attackers to steal GitH...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.3	CVE-2026-35716	CVE-2026-35716_CVE-2026-35716 A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 7.3	CVE-2026-30649	CVE-2026-30649_CVE-2026-30649 Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component	n/a	n/a n/a	Jun 2, 2026	CVE