news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	3E4275D3-0547-	Exploit for Server-Side Request Forgery in Vercel Next.Js_3E4275D3-0547-519B-A6B4-38321844D41A ╔══════════════════════════════════════════════════════════════╗ ║ NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handle...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	AF15C141-8026-	sql-injection-vulnerability-scanner_AF15C141-8026-5A38-9333-A542B5316D04 ...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	WIRED:6EAA0778F...	Hackers Claim to Leak Stolen Madison Square Garden Data_WIRED:6EAA0778FAA6CAA5158FCD6DCCC93CBC Plus: Gay bars in San Francisco using face scanners, France quits Palantir, Apple plans to change its private email and more.	N/A	N/A	Jun 20, 2026	WIRED
HIGH 7.5	THN:3C02EE8690F...	Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys_THN:3C02EE8690F770FB334836241DFA97E7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1kN23KhnFjdjHcR0i-iySK1Zv-kkApPs6yBq11670ubXx0NiAbgDMoYSfwQNyq9asso5AG9KcPRXEL4LU8...	N/A	N/A	Jun 20, 2026	THN
MEDIUM 6.5	CVE-2026-12119	Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119 The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' s...	eemitch	Simple File List	Jun 20, 2026	CVE
HIGH 7.5	CVE-2026-11912	Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action_CVE-2026-11912 The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up ...	eemitch	Simple File List	Jun 20, 2026	CVE
HIGH 7.5	CVE-2026-11911	Simple File List <= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter_CVE-2026-11911 The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile...	eemitch	Simple File List	Jun 20, 2026	CVE
NONE	21035EF9-5EDC-	jfp-console-poc_21035EF9-5EDC-5620-8320-382C3B11EE13 JFP Console PoC Tamper-evident autonomous system governor with a live operator dashboard. JFP Console PoC is a Linux daemon that monitors system re...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	PACKETSTORM:223862	📄 TOTOLINK N300RH Buffer Overflow_PACKETSTORM:223862 This is a Metasploit auxiliary module that targets a stack-based buffer overflow in the TOTOLINK N300RH router's setWiFiBasicConfig CGI handler. Th...	N/A	N/A	Jun 19, 2026	PACKETSTORM
NONE	PACKETSTORM:223848	📄 Android Kernel /dev/umts_ipc0 Out-Of-Bounds Read / Write_PACKETSTORM:223848 Proof of concept exploit targeting a vulnerability in an Android kernel driver related to GNSS/UMTS IPC /dev/umtsipc0...	N/A	N/A	Jun 19, 2026	PACKETSTORM