CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.9	CVE-2026-12164	Privilege Escalation in Fortra File Integrity Monitoring (FIM)_CVE-2026-12164 Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permission...	Fortra	File Integrity Monitoring (FIM)	Jun 23, 2026	CVE
MEDIUM 5.5	CVE-2026-12163	Stored XSS in Fortra File Integrity Monitoring (FIM)_CVE-2026-12163 Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnera...	Fortra	Fortra File Integrity Monitoring (FIM)	Jun 23, 2026	CVE
HIGH 8.2	CVE-2026-11972	tarfile opened in streaming mode mishandles EOF_CVE-2026-11972 When using the "tarfile" module with a file opened in "streaming mode" (mode="r\|") the tarfile module did not properly handle EOF, meaning an archi...	Python Software Foundation	CPython	Jun 23, 2026	CVE
HIGH 8.7	F3832E4F-76F3-	Exploit for CVE-2026-11834_F3832E4F-76F3-50B7-92A3-92EB0B582EB1 CVE-2026-11834 PoC TP-Link DHCP Option 66 Unauthenticated RCE CVE-2026-11834 Overview A command injection vulnerability CWE-78 in the DHCP Option 6...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 7.8	C3D90422-8858-	Exploit for Use After Free in Microsoft_C3D90422-8858-5EAC-A8E5-588AF315EA86 CVE-2026-42978 PoC & Research Windows Push Notifications Use-After-Free Race condition in Windows Push Notifications service WpnService that runs a...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.2	MSF:AUXILIARY-SCANNER-	Audiobookshelf Unauthenticated API Authentication Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-AUDIOBOOKSHELF_AUTH_BYPASS- This module detects Audiobookshelf servers affected by CVE-2025-25205, an unauthenticated authentication bypass. Affected versions 2.17.0 through 2...	N/A	N/A	Jun 23, 2026	METASPLOIT
NONE	D00ABD7F-A3B6-	web-exploitation-lab_D00ABD7F-A3B6-5F61-A944-65E5960AB87E 🌐 Web Exploitation Lab Payloads, techniques et cheatsheet web — SQLi, XSS, LFI, SSRF — by @ibramoha2 --- 💉 SQL Injection sql -- Test basique ' OR...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
NONE	HACKREAD:40BF5A...	LastPass Confirms Customer Data Breach After Klue OAuth Token Theft_HACKREAD:40BF5AE34923B51723CA316715EF181B LastPass has confirmed it was affected by the Klue supply chain incident, saying an unauthorised actor used stolen…	N/A	N/A	Jun 23, 2026	HACKREAD
CRITICAL 9.8	IMPERVABLOG:CC2...	CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised_IMPERVABLOG:CC22F53AF67610E01435FC711BB2B03F ## Introduction On May 24, 2026, Imperva observed exploitation attempts against Laravel Livewire applications, blocked by the Imperva Cloud WA...	N/A	N/A	Jun 23, 2026	IMPERVABLOG
NONE	WIRED:97C27F256...	Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed_WIRED:97C27F256D0F2D95C8FBD8F9552B9208 The private events group, cofounded by Peter Thiel, says a “criminal” hacker is behind a breach that exposed members’ personal details. WIRED found...	N/A	N/A	Jun 23, 2026	WIRED