Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7 CVE-2026-53148

thunderbolt: Clamp XDomain response data copy to allocation size_CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tb_xdp_prope...

Linux Linux cdae7c07e3e3509eaabc18c1640a55dc5b99c179 CVE
HIGH 7 CVE-2026-53143

drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11_CVE-2026-53143

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 The...

Linux Linux cc009e613de6560eb499f8bc92c80a737752cb30 CVE
MEDIUM 5.9 CVE-2026-14160

CVE-2026-14160_CVE-2026-14160

Time-of-check time-of-use (TOCTOU) race condition vulnerability in Samsung Open Source Escargot allows Leveraging Race Conditions. This issue affe...

Samsung Open Source Escargot bab3a5797557014ce3c2e28419a6310cfba90d0d CVE
MEDIUM 4.4 CVE-2026-12114

Team Members <= 8.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'custom_css' Parameter_CVE-2026-12114

The Team Members – Multi Language Supported Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all...

wpmart Team Members – Multi Language Supported Team Plugin CVE
MEDIUM 4.3 CVE-2026-8944

Plugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' Parameter_CVE-2026-8944

The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and includin...

engagementanalytics Plugin for Google Analytics by IO technologies CVE
MEDIUM 4.4 CVE-2026-12560

Editorial Rating <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Link URL' Field_CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all...

wpqode Editorial Rating – Product Review & Rating System CVE
MEDIUM 6.5 9A0091F4-6679-

Exploit for CVE-2026-43700_9A0091F4-6679-565C-8F3F-7D6907959F22

CVE-2026-43700 WebKit WebGPU importExternalTexture cross-domain information leakage. Safari: Red/Green/Blue/White – Fixed issue = 26.5.2: PATCHED i...

N/A N/A GITHUBEXPLOIT
NONE 4AD76066-A087-

Stored-XSS-leading-to-Remote-Code-Execution-Vulnerability-in-gpu-jupyter-_4AD76066-A087-5285-97B9-4D3DEED95B77

Stored XSS leading to Remote Code Execution Vulnerability in gpu-jupyter. A stored cross-site scripting (XSS) vulnerability leading to remote code exe...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 54FD57FA-4F05-

Exploit for Prototype Pollution in N8N_54FD57FA-4F05-5BF3-A823-C8F345BE77D5

CVE-2026-44789 — n8n HTTP Request Node Pagination Prototype Pollution → RCE An authenticated n8n in the n8n server process through the HTTP Request...

N/A N/A GITHUBEXPLOIT
HIGH 7.5 CVE-2026-12243

Path Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()_CVE-2026-12243

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in ...

nltk nltk/nltk unspecified CVE