CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-50563	Fission Container Executor Function PodSpec Injection Leading to Node Escape_CVE-2026-50563 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...	fission	fission < 1.24.0	Jun 10, 2026	CVE
CRITICAL 9.9	CVE-2026-50545	Fission Environment CRD PodSpec Injection Leading to Node Escape and Cluster Takeover_CVE-2026-50545 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...	fission	fission < 1.24.0	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2026-46614	Fission router exposes /fission-function// on its public listener, allowing invocation of any function without an HTTPTrigger_CVE-2026-46614 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior...	fission	fission < 1.23.0	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2026-20253	Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise_CVE-2026-20253 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated us...	Splunk	Splunk Enterprise 10.2	Jun 10, 2026	CVE
CRITICAL 9.1	CVE-2026-34182	CMS AuthEnvelopedData Processing May Accept Forged Messages_CVE-2026-34182 Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of ...	OpenSSL	OpenSSL 4.0.0, 3.6.0, 3.5.0, 3.4.0, 3.0.0	Jun 9, 2026	CVE
CRITICAL 9.8	THN:F7E7D468AF7...	China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance_THN:F7E7D468AF7210FBEDEFCF347D48B054 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQC0_BYMuNpY7re4OHHsytEfC6fW3KsonxN6e2X0Dj03fJoMazI6EZnvPj_hOUZ99yJLq6RrH3ZSCsfDWOB6...	N/A	N/A	Jun 10, 2026	THN
CRITICAL 10	PACKETSTORM:223077	📄 UniFi Network 9.0.118 Path Traversal / File Disclosure_PACKETSTORM:223077 UniFi Network version9.0.118 suffers from a path traversal vulnerability that can lead to arbitrary file disclosure...	N/A	N/A	Jun 10, 2026	PACKETSTORM
CRITICAL 9.3	1562A58E-1A45-	Exploit for Improper Authentication in Checkpoint Gaia_Os_1562A58E-1A45-56EF-BDBE-A65E8A6B3F77 CVE-2026-50751 Check Point IKEv1 Scanner A multi-threaded vulnerability scanner for CVE-2026-50751, a critical IKEv1 authentication bypass vulnerab...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 10	THN:3E49862488C...	Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities_THN:3E49862488C9D9A0EC9213C02A5BB679 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs2l0GUUy91D4hHU067eYWpRzvSJGcfOkHce2jcVXZGWI9sld0hgaomhoKTc3dYEXEbz05oZQ5mFzo34eXp-...	N/A	N/A	Jun 10, 2026	THN
CRITICAL 9.8	CVE-2026-38615	CVE-2026-38615_CVE-2026-38615 DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.	DedeCMS Team	DedeCMS V5.7.118	Jun 9, 2026	CVE