tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-47777	Mastodon has a consent-check bypass in its remote Collections_CVE-2026-47777 Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote account...	mastodon	mastodon >= nightly.2026-03-10, < 4.6.0-beta.1	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-20262	Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability_CVE-2026-20262 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a ...	Cisco	Cisco Catalyst SD-WAN Manager 20.1.12	Jun 15, 2026	CVE
NONE	PACKETSTORM:223392	📄 FreeType Font Rendering Overflow Test Harness / Crash Detection_PACKETSTORM:223392 This C program is a testing harness built around the FreeType font rendering library to detect potential memory corruption issues such as heap buff...	N/A	N/A	Jun 15, 2026	PACKETSTORM
NONE	PACKETSTORM:223409	📄 FreeType SHZ 2.14.3 Heap Buffer Overflow_PACKETSTORM:223409 This Python proof of concept framework is designed for security research into a reported heap buffer overflow condition affecting the FreeType True...	N/A	N/A	Jun 15, 2026	PACKETSTORM
CRITICAL 10	PACKETSTORM:223388	📄 FreePBX SQL Injection / Shell Upload / Remote Root_PACKETSTORM:223388 This Python3 script exploits a remote SQL injection vulnerability in FreePBX and adds a remote shell that achieves root privileges. This issue has ...	N/A	N/A	Jun 15, 2026	PACKETSTORM
HIGH 8.8	THN:DED9C232B49...	LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers_THN:DED9C232B49BBF1CB0977760C793F104 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiH9LcMRhk5Li59rG05yXoOOofNzGpeG1MMSKQqhFCGW_28n0SjLKd9D4MC68N7jPP6dF2h2l8gW1OE7Y7ak...	N/A	N/A	Jun 15, 2026	THN
CRITICAL 9.8	CVE-2026-11526	GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle_CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::I...	RURBAN	GD	Jun 14, 2026	CVE
MEDIUM 5.3	CVE-2026-8386	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Marker ID_CVE-2026-8386 The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing u...	Unknown	WP Go Maps	Jun 15, 2026	CVE
CRITICAL 9.8	CVE-2026-8935	Advanced Google Maps < 6.1.1 - Unauthenticated Administrator Account Creation_CVE-2026-8935 The WP MAPS PRO WordPress plugin before 6.1.1 registers an unauthenticated AJAX action which, given a valid nonce that is publicly emitted on any f...	Unknown	WP MAPS PRO	Jun 15, 2026	CVE
CRITICAL 9.3	13CA0CE8-12D1-	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits_13CA0CE8-12D1-54FC-9A7F-66AE9C6F4402 No description provided...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT