CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-45357	LiquidJS: Memory and render limit bypass via unbounded width padding in `date` filter (strftime)_CVE-2026-45357 LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the date filter's strftime...	harttle	liquidjs < 10.26.0	Jun 17, 2026	CVE
CRITICAL 9.8	AVLEONOV:CC3D65...	June “In the Trend of VM” (#28): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities_AVLEONOV:CC3D65635446B497749DDD41CFC7A7F3 ![June In the Trend of VM \(#28\): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities](https://avleonov.com/wp-content...	N/A	N/A	Jun 17, 2026	AVLEONOV
NONE	AKAMAIBLOG:E8DA...	How Akamai Defended an Indian Bank Against Record-Breaking DDoS Attacks_AKAMAIBLOG:E8DAACEDC9DD18E841381BE36778451B Learn how Akamai successfully neutralized one of the largest DDoS attacks ever recorded in the Indian banking sector before a single customer was i...	N/A	N/A	Jun 17, 2026	AKAMAIBLOG
CRITICAL 9.3	38CC0676-948A-	Exploit for Cross-site Scripting in Roundcube Webmail_38CC0676-948A-5269-9162-8B92F853D747 CVE-2024-42009 — Roundcube Webmail 1.6.6 Stored XSS PoC For authorised security testing, CTF environments, and educational research only. Using thi...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.3	C5EFE23A-E7AE-	Exploit for CVE-2015-10141_C5EFE23A-E7AE-5AC1-BCD5-1817788E4C5B CVE-2015-10141...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-55202	Tinyproxy – Stathost Detection Bypass via Host Header Manipulation_CVE-2026-55202 Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated a...	tinyproxy	tinyproxy	Jun 17, 2026	CVE
HIGH 7.4	CVE-2026-55201	Evil-WinRM – Path Traversal in download_dir() Function_CVE-2026-55201 Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the download_dir() function that allows a rogue or comp...	Hackplayers	evil-winrm	Jun 17, 2026	CVE
CRITICAL 9.2	CVE-2026-55200	libssh2 – Out-of-Bounds Write via Unchecked packet_length in transport.c_CVE-2026-55200 libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce upper ...	libssh2	libssh2	Jun 17, 2026	CVE
HIGH 8.2	CVE-2026-55199	libssh2 – Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler_CVE-2026-55199 libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in s...	libssh2	libssh2	Jun 17, 2026	CVE
MEDIUM 6.9	CVE-2026-12529	SourceCodester CET Automated Grading System with AI Predictive Analytics Student Self-Registration Endpoint index.php access control_CVE-2026-12529 A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown ...	SourceCodester	CET Automated Grading System with AI Predictive Analytics 1.0	Jun 17, 2026	CVE