news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	F6DED4B3-0BF1-	Exploit for CVE-2025-49132_F6DED4B3-0BF1-5472-8007-CA2E2BD30D87 CVE-2025-49132 — Pterodactyl RCE Exploit tool for CVE-2025-49132 — a critical unauthenticated arbitrary code execution vulnerability affecting the ...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CF7F5C86-A14A-	Exploit for Missing Authentication for Critical Function in Cpanel_CF7F5C86-A14A-5266-BBE6-6FBEB8CD6898 CVE-2026-41940 — cPanel2Shell Interactive exploitation tool for CVE-2026-41940 --- 🧠 What is CVE-2026-41940 ? cPanel2Shell exploits a critical Aut...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT
CRITICAL 10	11E8CD3B-3967-	Exploit for CVE-2026-34908_11E8CD3B-3967-5005-9757-30C2B9C0E571 UniFi OS Server Unauth RCE Chain Detection Script A safe detector for the unauthenticated remote code execution chain in UniFi OS Server ≤ 5.0.6, d...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT
NONE	HACKREAD:8FCB67...	Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account_HACKREAD:8FCB67E5B8DC94B34C1007AED8D877F6 32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack.	N/A	N/A	Jun 5, 2026	HACKREAD
CRITICAL 9.8	CVE-2026-7762	Heap buffer overflow in dot11ah.ko S1G Capabilities IE processing_CVE-2026-7762 A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.1...	Morse Micro	HaLowLink 2	Jun 5, 2026	CVE
CRITICAL 9.8	CVE-2026-7763	Heap buffer overflow in morse.ko TIM IE processing_CVE-2026-7763 A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 ...	Morse Micro	HaLowLink 2	Jun 5, 2026	CVE
MEDIUM 6.5	CVE-2026-37737	CVE-2026-37737_CVE-2026-37737 sanic-cors version 2.2.0 and prior contains an improper regular expression in the try_match() function in sanic_cors/core.py that uses re.match wit...	n/a	n/a n/a	Jun 5, 2026	CVE
MEDIUM 6.1	ZSL-2026-5988	Lyrion Music Server 9.2.0 (server.log) Unauthenticated Reflected XSS_ZSL-2026-5988 Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stre...	N/A	N/A	Jun 5, 2026	ZEROSCIENCE
MEDIUM 6.1	ZSL-2026-5993	Lyrion Music Server 9.2.0 (search.*) Multiple Script Insertions_ZSL-2026-5993 Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stre...	N/A	N/A	Jun 5, 2026	ZEROSCIENCE
HIGH 7.2	ZSL-2026-5989	Lyrion Music Server 9.2.0 (server.log) Unauthenticated Stored XSS_ZSL-2026-5989 Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stre...	N/A	N/A	Jun 5, 2026	ZEROSCIENCE