Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-47833	CVE-2026-47833_CVE-2026-47833 setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...	Cloud Foundry Foundation	bpm-release	Jun 18, 2026	CVE
HIGH 7.5	PACKETSTORM:223805	📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805 WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...	N/A	N/A	Jun 18, 2026	PACKETSTORM
NONE	0CF22E77-69CF-	SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6 SQL-Injection This project, developed in VS Code using JavaScript Node.js, demonstrates the mechanics and remediation of SQL Injection SQLi. It fea...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
NONE	F5663BA3-FD03-	NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F MCID15795619: Next.js Middleware Bypass PoC Executive Summary This repository contains the technical details and Proof of Concept PoC for a High-Se...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
HIGH 8.4	CVE-2026-12390	Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390 In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files w...	AzeoTech	DAQFactory	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-56099	OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099 OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within sys/netmpls/mpls_input...	openbsd	src	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48983	pam_usb: TOCTOU race condition in pad directory creation allows symlink substitution_CVE-2026-48983 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in p...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48982	pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race_CVE-2026-48982 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 6.7	CVE-2026-48981	pam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.c_CVE-2026-48981 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, pam_usb calls xmlReadFile() with fla...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 6.3	CVE-2026-48980	pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic_CVE-2026-48980 pam_usb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv() environment variables XRDP_SESSION,...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE