HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-0153	CVE-2026-0153_CVE-2026-0153 In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of...	Google	Android Android kernel	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-9570	Taskbuilder < 5.0.8 - Reflected XSS via Shortcode_CVE-2026-9570 The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend pa...	Unknown	Taskbuilder	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-8089	weMail < 2.1.3 - Reflected Cross-Site Scripting_CVE-2026-8089 The weMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerce WordPress plugin before 2.1.3 does not prope...	Unknown	weMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerce	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-9690	WordPress WP Media folder Addon plugin <= 4.0.1 - Arbitrary File Download vulnerability_CVE-2026-9690 Unauthenticated Arbitrary File Download in WP Media folder Addon	Joomunited	WP Media folder Addon n/a	Jun 17, 2026	CVE
HIGH 7.2	CVE-2026-5667	Information Disclosure, Information Tampering, or Denial-of-Service (DoS) Vulnerability in Multiple Home Appliances_CVE-2026-5667 Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners (for Japan and outside Japan); Wireless LAN Adapters for R...	Mitsubishi Electric Corporation	Room Air Conditioners (for Japan) MSZ-BKR2223-W 42.00 and prior	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-54805	WordPress Falang multilanguage plugin <= 1.4.2 - Privilege Escalation vulnerability_CVE-2026-54805 Subscriber Privilege Escalation in Falang multilanguage	sbouey	Falang multilanguage n/a	Jun 17, 2026	CVE
HIGH 7.6	CVE-2026-54804	WordPress Melhor Envio plugin <= 2.16.3 - Broken Authentication vulnerability_CVE-2026-54804 Subscriber Broken Authentication in Melhor Envio	melhorenvio	Melhor Envio n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-54802	WordPress SMS Alert Order Notifications plugin <= 3.9.3 - Broken Authentication vulnerability_CVE-2026-54802 Unauthenticated Broken Authentication in SMS Alert Order Notifications	Cozy Vision Technologies Pvt. Ltd.	SMS Alert Order Notifications n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54195	WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54195 Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder	Jetmonsters	JetFormBuilder n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54192	WordPress Popup box plugin <= 6.2.9 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-54192 Unauthenticated Cross Site Scripting (XSS) in Popup box	Ays Pro	Popup box n/a	Jun 17, 2026	CVE