CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6	CVE-2026-53808	OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow_CVE-2026-53808 OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set appl...	OpenClaw	OpenClaw	Jun 11, 2026	CVE
HIGH 7.7	CVE-2026-53807	OpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFrom_CVE-2026-53807 OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip c...	OpenClaw	OpenClaw	Jun 11, 2026	CVE
HIGH 7.7	CVE-2026-53806	OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation_CVE-2026-53806 OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. ...	OpenClaw	OpenClaw	Jun 11, 2026	CVE
HIGH 7.7	CVE-2026-50245	Brickcom Cameras Missing Authentication for Critical Function_CVE-2026-50245 Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still i...	Brickcom	Cube 3.2.3.5.6	Jun 11, 2026	CVE
HIGH 7.7	CVE-2026-50005	Brickcom Cameras Use of Default Credentials_CVE-2026-50005 Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds.	Brickcom	Cube 3.2.3.5.6	Jun 11, 2026	CVE
CRITICAL 9	CVE-2026-41005	UAA accepts SAML Encrypted Assertions authentication bypass_CVE-2026-41005 Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity...	Cloud Foundry	UAA 2.0.0	Jun 11, 2026	CVE
NONE	9C9F70FF-2585-	dvwa-web-attack-lab_9C9F70FF-2585-522B-AEBD-59CBB8CD56B7 Web Application Penetration Testing Lab Platform: Kali Linux VirtualBox \| Target: DVWA Damn Vulnerable Web Application \| Tools: Burp Suite Communit...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
NONE	TALOSBLOG:E499A...	A tale of two eras_TALOSBLOG:E499ABB864B9A8C19A09AD5A39C7322B ![A tale of two eras](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/threat_source-1.jpg) Welcome to...	N/A	N/A	Jun 11, 2026	TALOSBLOG
NONE	WIRED:0B021BDAA...	Grok Is Still Hosting Sexualized Deepfakes of Famous Women_WIRED:0B021BDAAFB71BEEC59FFF8BD19BFEC9 A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities an...	N/A	N/A	Jun 11, 2026	WIRED
CRITICAL 9.8	THN:752B90FA610...	ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities_THN:752B90FA61064ECC5D562EA512CCEC15 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBpNcbfulhruio1VSh8OPKOjdx3gvP-Chg8OjSm7LZeVK2GaVR-osKeoQjO9e1_56Dtedmlisu76lYc70Wv5...	N/A	N/A	Jun 11, 2026	THN