CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	THN:31D6A8EEFDC...	ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures_THN:31D6A8EEFDCDC1F07C27210ABC2B2BB4 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilHq1gG2gCazQF6_B9H-W3ck6nmgu3L4IPuzaMg9RMEAbpHyVqfYmFOquQ9_ldT1kG2r1kYUqt-WlpWWvD3D...	N/A	N/A	Jun 16, 2026	THN
NONE	415A117B-A28B-	OffSploit_415A117B-A28B-5B94-A898-C38DDF911AB1 🤖 OffSploit - Automate your security testing tasks effectively OffSploit helps you perform security tests on your own systems. This tool uses loca...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-50890	CVE-2026-50890_CVE-2026-50890 Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This v...	Bernd Bestel	grocy v4.6.0	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-50889	CVE-2026-50889_CVE-2026-50889 An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service (DoS) via sending a crafted ...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-50888	CVE-2026-50888_CVE-2026-50888 An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attacker...	n/a	n/a n/a	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-50884	CVE-2026-50884_CVE-2026-50884 Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components.	statping	statping-ng 0.93.0	Jun 15, 2026	CVE
CRITICAL 9.1	CVE-2026-12087	Socket versions before 2.041 for Perl have an out-of-bounds heap read_CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read. In Socket.xs, pack_ip_mreq_source() checks the length of its source argumen...	PEVANS	Socket	Jun 15, 2026	CVE
CRITICAL 9.1	CVE-2026-11832	Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce_CVE-2026-11832 Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of th...	BIAFRA	Dancer2::Plugin::Auth::OAuth	Jun 15, 2026	CVE
CRITICAL 9.1	CVE-2026-12205	Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery_CVE-2026-12205 Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-sign...	TIMLEGGE	Crypt::DSA	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-53899	Cross-origin cookies could be leaked when opening a PDF link_CVE-2026-53899 Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookie...	Mozilla	Firefox for iOS 152.0	Jun 16, 2026	CVE