CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-54089	File Browser: Authentication Bypass via Proxy Auth Header Forgery_CVE-2026-54089 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting w...	filebrowser	filebrowser >= 2.0.0-rc.1	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54088	File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)_CVE-2026-54088 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.6	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54849	WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability_CVE-2026-54849 Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce	Premmerce	Premmerce Wishlist for WooCommerce 1.1.11	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54843	WordPress MDTF plugin <= 1.3.7 - SQL Injection vulnerability_CVE-2026-54843 Unauthenticated SQL Injection in MDTF	PluginUs.Net	MDTF n/a	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54836	WordPress Filter & Grids plugin <= 3.11.5 - SQL Injection vulnerability_CVE-2026-54836 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue ...	YMC	YMC Filter n/a	Jun 25, 2026	CVE
CRITICAL 9.9	CVE-2026-54823	WordPress Widget Options plugin <= 4.2.3 - Remote Code Execution (RCE) vulnerability_CVE-2026-54823 Contributor Remote Code Execution (RCE) in Widget Options	MarketingFire	Widget Options n/a	Jun 25, 2026	CVE
CRITICAL 9.8	CVE-2026-41120	CVE-2026-41120_CVE-2026-41120 Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A lo...	Dell	Wyse Management Suite	Jun 25, 2026	CVE
CRITICAL 9.6	MALWAREBYTES:FE...	Update Chrome to patch critical browser security flaws_MALWAREBYTES:FE1D282863E6BA1A4D5E36C709BE006D Google released a security update for Chrome that fixes 18 vulnerabilities, including four rated Critical. There is no indication that any of these...	N/A	N/A	Jun 25, 2026	MALWAREBYTES
CRITICAL 9.2	E06F62BF-FA49-	Exploit for Command Injection in Tenda Ac8_Firmware_E06F62BF-FA49-5F5D-A835-777DE385E17D CVE-2026-42530 — Safe-Check Scanner Non-destructive mass scanner for the NGINX HTTP/3 QUIC use-after-free Inventory which of your hosts are exposed...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
CRITICAL 10	CVE-2026-46752	Apache Kvrocks: Stack buffer overflow in Lua bit.tohex()_CVE-2026-46752 Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are...	Apache Software Foundation	Apache Kvrocks 2.0.4	Jun 25, 2026	CVE