Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-69104

WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Qreatix

jkdevstudio Qreatix n/a CVE
HIGH 7.5 CVE-2025-69103

WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability

Subscriber Arbitrary Content Deletion in Brikk

Utillz Brikk n/a CVE
HIGH 8.1 CVE-2025-60085

WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Learnify

ThemeREX Group Learnify n/a CVE
HIGH 8.1 CVE-2025-58924

WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Geya

ThemeREX Group Geya n/a CVE
CRITICAL 9.3 CVE-2026-48745

Traccar Client: silent configuration hijack via unverified deep link redirects all GPS telemetry

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7...

traccar traccar-client < 9.7.20 CVE
HIGH 7.5 CVE-2026-48929

CVE-2026-48929

Rocket.Chat in versions

Rocket.Chat Rocket.Chat CVE
HIGH 8.2 CVE-2026-48788

Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing

Remark42 is a self-hosted comment engine for blogs, articles, or any other place where readers can add comments. Versions 1.6.0 through 1.15.0 cont...

umputun remark42 >= 1.6.0, < 1.16.0 CVE
MEDIUM 6.8 CVE-2026-48782

pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, an...

pydantic pydantic-ai >= 1.56.0, < 1.102.0 CVE
CRITICAL 9.3 CVE-2026-48616

CVE-2026-48616

Rocket.Chat versions

Rocket.Chat Rocket.Chat CVE
CRITICAL 9.3 CVE-2026-48797

Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication

Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the optional Reflex web UI ex...

mcp-tool-shop-org backpropagate >= 1.1.0, < 1.2.0 CVE