exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-1869	User Registration & Membership <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass_CVE-2026-1869 The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Bu...	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Jun 26, 2026	CVE
MEDIUM 5.5	MS:CVE-2026-4367	Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing_MS:CVE-2026-4367 {“lastseen”:”2026-06-26T07:47:53″,”description”:””,”published”:”2026-06-25T08:03:...	N/A	N/A	Jun 25, 2026	MSCVE
HIGH 8.8	THN:3AF4D7A4A25...	Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks_THN:3AF4D7A4A2521E78D5A57F5ED9C21560 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9SthtlfUvEkaX0iZanYdYTAOV5hgm44yCwHu_3GCaoa11rO-GkO9oc0_qN9JGw2n86dsEsN_sdaYt2ra_4I...	N/A	N/A	Jun 26, 2026	THN
CRITICAL 9.8	BECF4517-38B6-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_BECF4517-38B6-5DC3-97A0-FDF34F1763C0 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	8C0976A0-3F8E-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_8C0976A0-3F8E-508D-8CD5-6A5A5D01F118 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.8	75D8AF60-1BE7-	Exploit for Use After Free in Google Chrome_75D8AF60-1BE7-5841-A5AC-CC59A30D14EB CVE-2026-13036 — Use-After-Free in Blink WidgetBase::UpdateSurfaceAndScreenInfo A use-after-free vulnerability in Google Chrome's Blink rendering e...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.8	0AEC5CEA-1ACD-	Exploit for Path Traversal in Rarlab Winrar_0AEC5CEA-1ACD-55C4-80FC-250F80922CE5 Amaranth Project A multi-stage backdoor implantation attack chain is implemented using CVE-2025-8088 WinRAR path traversal vulnerability, ≤ 7.11. F...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	D5ADB7F6-7152-	offensive-craft_D5ADB7F6-7152-5D68-81DA-EFE5FF60F5AF offensive-craft 🛠️ A forge for offensive security research — exploit development, tooling, tradecraft, and proof-of-concept work across the red tea...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.5	CVE-2026-8797	CVE-2026-8797_CVE-2026-8797 An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary co...	NEC Corporation	ExpressUpdate Agent for Windows 3.24 and prior	Jun 26, 2026	CVE
CRITICAL 9.8	967B93A1-932E-	Exploit for Missing Authentication for Critical Function in Oracle Peoplesoft_Enterprise_Peopletools_967B93A1-932E-5765-ABFF-5B9AE1C2F357 CVE-2026-35273-poc file clone the repo, cd into, run main.py file...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT