CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-54309	n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoi...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
MEDIUM 6.8	CVE-2026-54303	n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303 n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query par...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
HIGH 7.1	CVE-2025-62180	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain...	Pegasystems	Pega Infinity 8.3.0	Jun 23, 2026	CVE
LOW 3.5	CVE-2025-15619	HCL Connections is vulnerable to broken access control_CVE-2025-15619 HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.	HCLSoftware	Connections 7.0, 8.0	Jun 23, 2026	CVE
CRITICAL 9.8	TRENDMICROBLOG:...	From Langflow to Monero: Inside CVE-2026-33017 Cryptominer_TRENDMICROBLOG:D6D82F6102E243699FEABC242F869EE4 We tracked a cryptocurrency-mining campaign exploiting CVE-2026-33017, which revealed how threat actors are now scanning exposed AI application inf...	N/A	N/A	Jun 23, 2026	TRENDMICROBLOG
NONE	HACKREAD:A41968...	New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto_HACKREAD:A419683ACF762DB1E281C5DEA5248AF1 Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addres...	N/A	N/A	Jun 23, 2026	HACKREAD
NONE	MALWAREBYTES:32...	Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 Meta has paused a controversial employee‑tracking program after an internal security review found that highly granular keystroke and screen‑capture...	N/A	N/A	Jun 23, 2026	MALWAREBYTES
NONE	AKAMAIBLOG:F7FF...	AI Reconnaissance: The Missing Layer in Chatbot Security_AKAMAIBLOG:F7FF735B9CED18324CEDEF05F2700342 {“lastseen”:”2026-06-23T13:36:50″,”description”:””,”published”:”2026-06-23T15:00:...	N/A	N/A	Jun 23, 2026	AKAMAIBLOG
NONE	DBE8424D-F85A-	Web-Attack-Investigator_DBE8424D-F85A-5901-8C17-A6A967AC334B Web Attack Investigator Ferramenta de investigação de ataques web desenvolvida em Python para análise de logs Apache/Nginx, identificação de indica...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
MEDIUM 5.5	4E361A66-0287-	Exploit for Path Traversal in Microsoft_4E361A66-0287-5D9D-9DA5-91D2EF34D2CB 🛡️ NimbusPWN-CVE-2022-29799-29800 - Test local privilege escalation security flaws 📖 About this tool This software helps security researchers stud...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT