news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-11406	GL.iNet MT3000 OpenVPN Client Import Workflow ovpnclient.sh command injection_CVE-2026-11406 A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component Op...	GL.iNet	MT3000 4.4.0	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-11408	vertex-app vertex Log Viewer Endpoint LogMod.js os command injection_CVE-2026-11408 A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file app/model/LogMod.js of...	vertex-app	vertex 2026.02.0	Jun 6, 2026	CVE
CRITICAL 9.8	0CDEBDFC-50F8-	Exploit for CVE-2026-3844_0CDEBDFC-50F8-59DC-B9F7-A7A24E92F353 CVE-2026-3844 – Breeze Cache WordPress Plugin Unauthenticated RCE -red?style=flat-square CVE-2026-3844 is a critical unauthenticated arbitrary file...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
HIGH 8.2	FCBCA693-9B91-	Exploit for CVE-2026-48595_FCBCA693-9B91-5B02-9BC1-F1458C12EEDF CVE-2026-48595 - elixir-tesla tesla Vulnerability Quick Usage bash python3 exploit.py -t "C:\\Path\\To\\Target" -o demo.zip --data-file payload.exe...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
CRITICAL 9.6	THN:28ECB8D8884...	AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs_THN:28ECB8D88842DE5F9553D37CC071ED99 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyg1vRQART17ZjJXANnrQ8Vtn7h_tM5IihGJ4LnxbGTDFL1QSvR_lEDmVm7bsO84br04_oM-RM9ZgX-6b5yV...	N/A	N/A	Jun 6, 2026	THN
HIGH 7.5	THN:74EB74663A9...	CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog_THN:74EB74663A9229D934363355C5927F84 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQ_ZbsHhh5kUS5501itVSeBa91H50qNfHH_PQ1_2WEDLi-B_eKslYeu1_43fNAW55Z9TVR5ae8ZIGDm4vZQS...	N/A	N/A	Jun 6, 2026	THN
NONE	THN:DA2FCA79C0C...	Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI_THN:DA2FCA79C0C6D04CAA866AECB4D6FD68 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKr3KoscB_oGLqU5_JV16DIaB7jXY1ko8PiJDTuwrxbHcZV2DYJpfkx8lqwNbscwTSTVQUMwd8vBf-nI13mQ...	N/A	N/A	Jun 6, 2026	THN
HIGH 8	CB25E601-F8DB-	Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware_CB25E601-F8DB-5A0A-9D27-2D1C005BFA43 CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of concept exploit for CVE-2026-20452, a heap-based buffer overflow in MediaTek's WLAN Ac...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
NONE	THN:ED7CB5908CA...	Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack_THN:ED7CB5908CA7EDF70F93B2175FB7C683 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgG8k6LtHNQ3cHl_X1AZbXRn6LZCNZ6lMLjy-9HG7-_OQekMOhCQKkktrnMqVteXfmGHBMMlbTv3v9Rl6kKjX...	N/A	N/A	Jun 6, 2026	THN
HIGH 7.2	CVE-2026-9851	Booking Package <= 1.7.16 - Authenticated (Editor+) Privilege Escalation via Account Takeover to updateUser AJAX Action_CVE-2026-9851 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and including, 1.7.16. This ...	masaakitanaka	Booking Package	Jun 6, 2026	CVE