CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-44488	Axios: Allocation of Resources Without Limits or Throttling in axios_CVE-2026-44488 Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and respon...	axios	axios >= 1.7.0, < 1.16.0	Jun 11, 2026	CVE
HIGH 8.2	CVE-2026-44487	Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter_CVE-2026-44487 Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’s Node.js HTTP adapter may forward a Proxy-Auth...	axios	axios >= 1.0.0, < 1.16.0	Jun 11, 2026	CVE
HIGH 7.5	CVE-2026-44486	Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection_CVE-2026-44486 Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’ Node.js HTTP adapter can leak proxy credential...	axios	axios >= 1.0.0, < 1.16.0	Jun 11, 2026	CVE
MEDIUM 6.4	CVE-2026-11945	PostgreSQL Anonymizer: SQL injection in the rules import functions_CVE-2026-11945 PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a JSON document and placing malicious co...	DALIBO	PostgreSQL Anonymizer 1	Jun 11, 2026	CVE
HIGH 7.3	PACKETSTORM:223224	📄 Craft CMS 5.9.5 Missing Authorization / Authentication Bypass_PACKETSTORM:223224 This script is an assessment and exploitation framework targeting a missing authorization vulnerability in affected versions of Craft CMS that may ...	N/A	N/A	Jun 11, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:223236	📄 Drupal core 10.5.5 JSON:API PostgreSQL Error-Based SQL Injection_PACKETSTORM:223236 This code demonstrates a research-oriented implementation targeting a reported SQL injection condition in Drupal JSON:API endpoints backed by Postg...	N/A	N/A	Jun 11, 2026	PACKETSTORM
NONE	PACKETSTORM:223240	📄 FIFOFox: Windows Named-Pipe Weak Permission and Access Control Validation_PACKETSTORM:223240 This C-based framework analyzes Windows named pipes for insecure permission configurations and weak access controls that could introduce privilege ...	N/A	N/A	Jun 11, 2026	PACKETSTORM
HIGH 8.8	B4BD65AE-C56B-	Exploit for Use After Free in Redis_B4BD65AE-C56B-5415-BFF0-4D29FA8BEAA1 CVE-2026-23479 Scanner Redis Use-After-Free vulnerability CVE-2026-23479 detection tool. Automatically checks Redis instances for vulnerability, mi...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 7.8	D039E607-9443-	Exploit for Use After Free in Linux Linux_Kernel_D039E607-9443-53D4-AA20-578FC0282FE1 CVE-2026-23111 nftables LPE: exposure check and safe lab Defensive tooling and a reproducible virtual-machine lab for CVE-2026-23111, the nftables ...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 8.1	236C3334-CF38-	Exploit for CVE-2026-10795_236C3334-CF38-5100-98AA-1DF6189FF3D2 CVE-2026-10795 UpdraftPlus Auto-Exploit & Mass Scanner Authorized Use Only — This tool is provided for authorized penetration testing, security res...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT