CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.9	CVE-2025-15658	WordPress WP Emmet plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-15658 Administrator Cross Site Scripting (XSS) in WP Emmet	rewish	WP Emmet n/a	Jun 15, 2026	CVE
HIGH 7.5	THN:0C053FA1B9E...	One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files_THN:0C053FA1B9E28CFF8B119BFB93E9A94A ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgH3B8zgsVZmHEyLi8McE-eOrGvwf6Uh3zyqWrttvaEddXJCot7sybI1o-Ly5Q1TtuEJx9BzXol3oaXSFdzFi...	N/A	N/A	Jun 15, 2026	THN
CRITICAL 9.2	DE40BC6F-7F50-	Exploit for CVE-2026-9277_DE40BC6F-7F50-5F83-B654-AEE371F307C5 CVE-2026-9277 - Shell-Quote Command Injection Exploit A specialized Proof of Concept PoC exploit script designed to verify and demonstrate CVE-2026...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
NONE	IMPERVABLOG:250...	Your Security Operations Team Just Got Faster: Meet Imperva’s AI Assistant._IMPERVABLOG:250A3AD5186A262EDA974E570969EADA There is a moment every security analyst knows well. It’s 2am , an alert fires, and you’re staring at a console trying to make sense of what ju...	N/A	N/A	Jun 15, 2026	IMPERVABLOG
NONE	H1:3803415	curl: Secure cookies leaked to HTTP origins through HTTPS forwarding proxy_H1:3803415 ## Summary: When curl accesses an `http://` origin through an HTTPS forwarding proxy, it sends Secure cookies in the request. The cookies travel in...	N/A	N/A	Jun 15, 2026	HACKERONE
NONE	HACKREAD:C96CEA...	Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women_HACKREAD:C96CEA8B9566704A0DFB88811DD010FA Both CFAKE and SOCFAKE (CFAKE.com and SOCFAKE.com) were seized after prosecutors said they hosted nonconsensual nude digital forgeries of famous wo...	N/A	N/A	Jun 15, 2026	HACKREAD
HIGH 8.8	THN:856A8FFBDB6...	⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More_THN:856A8FFBDB69929C783A53A3AC085A13 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOtdohah5P1Lv9egIZCwwxpEdcV4phYigmhvgzB3ulDhSeeffe4qDsVoowrzaTD6WsgwyjKIdJ_vzvnsUJ78...	N/A	N/A	Jun 15, 2026	THN
MEDIUM 5.3	CVE-2026-8385	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Datatables AJAX Fallback_CVE-2026-8385 The WP Go Maps WordPress plugin before 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables ...	Unknown	WP Go Maps	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2026-6517	Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed_CVE-2026-6517 Mattermost Desktop App versions	Mattermost	Mattermost	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-5242	Code Injection in Mia Technologies’ Pizzy Library_CVE-2026-5242 Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue aff...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE