Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-21025

CVE-2026-21025

Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.

Samsung Mobile Samsung Mobile Devices SMR Jun-2026 Release in Android 14, 15, 16 CVE
MEDIUM 4.6 CVE-2026-21017

CVE-2026-21017

Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged fi...

Samsung Mobile Samsung Mobile Devices SMR Jun-2026 Release in Android 14, 15, 16 CVE
HIGH 8.5 CVE-2026-11347

Hardcoded Cryptographic Keys and Weak IV Generation in Linqi Application

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dy...

linqi GmbH linqi CVE
CRITICAL 9.8 CVE-2026-6274

Authentication Bypass in DTS Electronics’ Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd....

DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 7.1.3 CVE
CRITICAL 10 CVE-2026-49777

WordPress Product Slider Pro for WooCommerce plugin < 3.5.3 - Backdoor vulnerability

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software ...

ShapedPlugin, LLC Product Slider Pro for WooCommerce n/a CVE
HIGH 7.8 CVE-2026-11332

Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml f...

Red Hat Red Hat Ansible Automation Platform 2 CVE
CRITICAL 9.8 5DAC9852-285D-

Exploit for Stack-based Buffer Overflow in Microsoft_5DAC9852-285D-528A-B3B2-6FE134F40C51

CVE-2026-41089 !TIP If the setup does not start, add the folder to the allowed list or pause protection for a few minutes. !CAUTION Some security s...

N/A N/A GITHUBEXPLOIT
HIGH 7.2 7239610D-FB67-

Exploit for Server-Side Request Forgery in Apeworx Web3.Py_7239610D-FB67-5EDA-8E6D-DDC6D8735AE5

CVE-2026-40072 SSRF Lab Hands-on local lab to demonstrate CVE-2026-40072 in web3.py, show the SSRF impact in Burp Suite, and verify the official fi...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 THN:B290527C461...

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites_THN:B290527C461D0B41AF1634957218991E

N/A N/A THN
LOW 2.7 CVE-2026-9088

Keycloak: keycloak: information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permi...

Red Hat Red Hat Build of Keycloak CVE