Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.1	CVE-2026-6954	Multiple vulnerabilities in Intermark IT’s WebControl CMS_CVE-2026-6954 Cross-Site Scripting (XSS) vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or...	Intermark IT	WebControl CMS	Jun 30, 2026	CVE
MEDIUM 5.1	CVE-2026-6953	Multiple vulnerabilities in Intermark IT’s WebControl CMS_CVE-2026-6953 HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTM...	Intermark IT	WebControl CMS	Jun 30, 2026	CVE
HIGH 7.7	CVE-2026-13149	CVE-2026-13149_CVE-2026-13149 brace-expansion through 5.0.6 is vulnerable to denial of service. The expand() function exhibits exponential-time complexity in the number of conse...	juliangruber	brace-expansion	Jun 30, 2026	CVE
MEDIUM 6.4	CVE-2026-12610	Sssd: use-after-free crash in sssd’ ‘sssd_pam’ process_CVE-2026-12610 A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memor...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12076	SQL Injection in Raytha CMS_CVE-2026-12076 Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to...	Raytha	Raytha 1.5.2	Jun 30, 2026	CVE
HIGH 7	CVE-2026-10763	CVE-2026-10763_CVE-2026-10763 PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server.	Hitachi Energy	PROMOD V 1.0.0	Jun 30, 2026	CVE
MEDIUM 4.4	CVE-2026-13316	Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config_CVE-2026-13316 A flaw has been found in foreman when HTTP parameters are modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF a...	Red Hat	Red Hat Satellite 6	Jun 30, 2026	CVE
HIGH 7.3	201DCF14-1AAA-	wp-exploit_201DCF14-1AAA-5BD3-BC87-3A8A7BBBCF54 🚀 FULLCVE-2026-6433 Advanced WordPress Exploitation Framework --- 📖 Overview FULLCVE-2026-6433 is a modular, high-performance toolkit designed to...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.8	54DE62F9-A0CE-	Exploit for Use After Free in Google Android_54DE62F9-A0CE-554B-A9D1-FCB05FE5250D Root Sonim XP3800 Root access for the Sonim XP3800 XP3plus. Two paths are available — choose whichever fits your situation. Two paths to root Optio...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
NONE	THN:7F75382DA65...	AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks_THN:7F75382DA651A5ECDEF282D4E511FDDF ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCyrr25-wXst4kOLIEi1-Q1d5XMVDCvWqUacEoSRsLn6C5CbKoXGLb4nzTB-DVr9cLOkyuIT5wyMrQICAVhQ...	N/A	N/A	Jun 30, 2026	THN