CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	H1:3803415	curl: Secure cookies leaked to HTTP origins through HTTPS forwarding proxy_H1:3803415 ## Summary: When curl accesses an `http://` origin through an HTTPS forwarding proxy, it sends Secure cookies in the request. The cookies travel in...	N/A	N/A	Jun 15, 2026	HACKERONE
NONE	HACKREAD:C96CEA...	Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women_HACKREAD:C96CEA8B9566704A0DFB88811DD010FA Both CFAKE and SOCFAKE (CFAKE.com and SOCFAKE.com) were seized after prosecutors said they hosted nonconsensual nude digital forgeries of famous wo...	N/A	N/A	Jun 15, 2026	HACKREAD
HIGH 8.8	THN:856A8FFBDB6...	⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More_THN:856A8FFBDB69929C783A53A3AC085A13 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOtdohah5P1Lv9egIZCwwxpEdcV4phYigmhvgzB3ulDhSeeffe4qDsVoowrzaTD6WsgwyjKIdJ_vzvnsUJ78...	N/A	N/A	Jun 15, 2026	THN
MEDIUM 5.3	CVE-2026-8385	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Datatables AJAX Fallback_CVE-2026-8385 The WP Go Maps WordPress plugin before 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables ...	Unknown	WP Go Maps	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2026-6517	Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed_CVE-2026-6517 Mattermost Desktop App versions	Mattermost	Mattermost	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-5242	Code Injection in Mia Technologies’ Pizzy Library_CVE-2026-5242 Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue aff...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-5233	Missing Rate Limiting in Mia Technologies’ Pizzy Library_CVE-2026-5233 Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: fr...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-5230	Improper Access Control in Mia Technologies’ Pizzy Library_CVE-2026-5230 Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access C...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-5079	multer vulnerable to Denial of Service via deeply nested field names_CVE-2026-5079 Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form...	multer	multer 1.0.0	Jun 15, 2026	CVE
CRITICAL 10	CVE-2026-52704	WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability_CVE-2026-52704 Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...	Edgar Rojas	WooCommerce PDF Invoice Builder n/a	Jun 15, 2026	CVE