CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	F82812B2-209D-	Exploit for CVE-2026-11450_F82812B2-209D-560F-A047-2C5FA823E1FD GL.iNet Beryl AX Triple RCE PoC PoC for three unauthenticated command injection vulnerabilities CVE-2026-11450, CVE-2026-11451, CVE-2026-11452 in t...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
MEDIUM 6.4	CVE-2026-9134	Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_attribute_key' Shortcode Parameter_CVE-2026-9134 The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attribute_key' shortcode parameter in versions up ...	fooplugins	Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel	Jun 13, 2026	CVE
HIGH 7.2	CVE-2026-9109	GPTranslate <= 2.31 - Unauthenticated Stored Cross-Site Scripting via REST API Translation Storage_CVE-2026-9109 The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Si...	john-dagelmore	GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites	Jun 13, 2026	CVE
MEDIUM 6.4	CVE-2026-9629	Canvas <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' Block Attribute_CVE-2026-9629 The Canvas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' parameter in all versions up to, and including, 2.5.2 du...	codesupplyco	Canvas	Jun 13, 2026	CVE
MEDIUM 6.4	CVE-2026-3297	Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Anchor Block_CVE-2026-3297 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Anchor block ...	softaculous	Page Builder: Pagelayer – Drag and Drop website builder	Jun 13, 2026	CVE
MEDIUM 4.3	CVE-2026-2470	Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'_CVE-2026-2470 The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, an...	softaculous	Page Builder: Pagelayer – Drag and Drop website builder	Jun 13, 2026	CVE
HIGH 8.5	MS:CVE-2026-11824	SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate_MS:CVE-2026-11824 {“lastseen”:”2026-06-13T07:22:04″,”description”:””,”published”:”2026-06-11T08:01:...	N/A	N/A	Jun 11, 2026	MSCVE
HIGH 8.5	MS:CVE-2026-11822	SQLite before 3.53.2 Memory Corruption in FTS5 Extension_MS:CVE-2026-11822 {“lastseen”:”2026-06-13T07:22:04″,”description”:””,”published”:”2026-06-11T08:01:...	N/A	N/A	Jun 11, 2026	MSCVE
HIGH 8.2	MS:CVE-2026-10846	Insufficient verification that responses belong to a query_MS:CVE-2026-10846 {“lastseen”:”2026-06-13T07:22:04″,”description”:””,”published”:”2026-06-11T08:01:...	N/A	N/A	Jun 11, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-52860	Vim: Arbitrary Code Execution via Python Omni-Completion_MS:CVE-2026-52860 {“lastseen”:”2026-06-13T07:22:04″,”description”:””,”published”:”2026-06-13T08:01:...	N/A	N/A	Jun 13, 2026	MSCVE