Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.3 CVE-2026-6517

Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions

Mattermost Mattermost CVE
HIGH 8.8 CVE-2026-5242

Code Injection in Mia Technologies’ Pizzy Library

Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue aff...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.1 CVE-2026-5233

Missing Rate Limiting in Mia Technologies’ Pizzy Library

Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: fr...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.1 CVE-2026-5230

Improper Access Control in Mia Technologies’ Pizzy Library

Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access C...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.5 CVE-2026-5079

multer vulnerable to Denial of Service via deeply nested field names

Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form...

multer multer 1.0.0 CVE
CRITICAL 10 CVE-2026-52704

WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...

Edgar Rojas WooCommerce PDF Invoice Builder n/a CVE
HIGH 8.8 CVE-2026-49111

WordPress Masteriyo – LMS plugin <= 2.2.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n...

ThemeGrill Masteriyo - LMS n/a CVE
HIGH 7.5 CVE-2026-49064

WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects Get...

Stiofan GetPaid n/a CVE
HIGH 8.8 CVE-2026-49062

WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue aff...

WP Engine Faust.js n/a CVE
MEDIUM 6.5 CVE-2026-48969

WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Really Simple SSL

Really Simple Plugins B.V. Really Simple SSL n/a CVE