Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	9362E5FB-8A5E-	Exploit for CVE-2026-48907_9362E5FB-8A5E-5D90-AEE0-44FA2E7F560E CVE-2026-48907 Description هذا الملف CVE-2025-9209.py هو أداة استغلال جماعي تعمل على استهداف ثغرة CVE-2025-9209. الوظائف الأساسية: تفحص قائمة مواقع...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
NONE	WIRED:B6A7A3320...	The FCC Wants to Kill Burner Phones_WIRED:B6A7A3320F201953AE03CB69723D6E08 Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more.	N/A	N/A	Jun 13, 2026	WIRED
HIGH 7.2	CVE-2026-5513	Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie_CVE-2026-5513 The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-cus...	ladela	Online Scheduling and Appointment Booking System – Bookly	Jun 13, 2026	CVE
NONE	C5449C27-7E72-	vader-toctou_C5449C27-7E72-529E-BB3B-A2BECFAFBE53 OPERATION VADER — TOCTOU EXPLOITATION SYLLABUS OPERATIONS ORDER 001-26 VADER Classification: UNCLASSIFIED // ACADEMIC USE ONLY DTG: 130600Z JUN 202...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
CRITICAL 9.8	1B1A3142-CD90-	Exploit for Improper Access Control in Getgrav Grav-Plugin-Admin_1B1A3142-CD90-5BA0-A772-AC630842FD7C CVE-2021-21425 - GravCMS Unauthenticated RCE Unauthenticated Remote Code Execution exploit for GravCMS Custom command python3 exploit.py -t http://...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
HIGH 7.8	A0F6718E-3F97-	Exploit for Code Injection in Exiftool_Project Exiftool_A0F6718E-3F97-524C-8420-8BD056FE6751 CVE-2021-22204 - ExifTool Arbitrary Code Execution An upgraded exploit for CVE-2021-22204, a vulnerability in ExifTool versions 7.44 through 12.23 ...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
CRITICAL 9.8	A1D50DD6-435E-	Exploit for CVE-2026-6279_A1D50DD6-435E-5B9D-933B-23BDA38B2B7B Description This Python script is an exploit tool for CVE-2026-6279 targeting Avada Builder = 3.15.2. Key behavior: scans targets for fusionloadnon...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
MEDIUM 4.3	CVE-2026-1291	Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation_CVE-2026-1291 The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint...	tigroumeow	Meow Gallery	Jun 13, 2026	CVE
CRITICAL 9.4	CVE-2026-11624	CVE-2026-11624_CVE-2026-11624 The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebin...	Google	MCP Toolbox for Databases	Jun 13, 2026	CVE
HIGH 7.5	F82812B2-209D-	Exploit for CVE-2026-11450_F82812B2-209D-560F-A047-2C5FA823E1FD GL.iNet Beryl AX Triple RCE PoC PoC for three unauthenticated command injection vulnerabilities CVE-2026-11450, CVE-2026-11451, CVE-2026-11452 in t...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT