CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-47747	stable-diffusion.cpp has a Heap-based Buffer Overflow_CVE-2026-47747 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In...	leejet	stable-diffusion.cpp < master-584-0a7ae07	Jun 16, 2026	CVE
MEDIUM 5.4	CVE-2026-46448	CVE-2026-46448_CVE-2026-46448 In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.	OpenStack	Nova 18.0.0	Jun 16, 2026	CVE
CRITICAL 9.1	CVE-2026-22313	OS Commands Executed with Administrative Permissions in Radiflow iSAP Smart Collector_CVE-2026-22313 The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vuln...	Radiflow	iSAP Smart Collector 3.07-1	Jun 16, 2026	CVE
HIGH 8.6	CVE-2026-22312	Use of Hard-coded Credentials Vulnerability in Radiflow iSAP Smart Collector_CVE-2026-22312 The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get a...	Radiflow	iSAP Smart Collector 3.07-1	Jun 16, 2026	CVE
MEDIUM 5.7	CVE-2026-12425	Reflected / DOM cross-site scripting (XSS) in PowerSchool ERP / Employee Access Center 23.10_CVE-2026-12425 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center all...	PowerSchool	Employee Access Center 23.10	Jun 16, 2026	CVE
HIGH 7.4	CVE-2026-10303	ServerCo getssl ACME shell script path injection_CVE-2026-10303 In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being...	ServerCo	getssl	Jun 16, 2026	CVE
NONE	HACKREAD:EACDD4...	Amos Stealer Targets macOS Keychain Files and Browser Passwords_HACKREAD:EACDD4EF361C13E578E47905212C148C Amos Stealer targets macOS users through fake downloads, stealing Keychain files, browser passwords, cookies, and developer configs for data theft.	N/A	N/A	Jun 16, 2026	HACKREAD
NONE	THN:31D6A8EEFDC...	ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures_THN:31D6A8EEFDCDC1F07C27210ABC2B2BB4 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilHq1gG2gCazQF6_B9H-W3ck6nmgu3L4IPuzaMg9RMEAbpHyVqfYmFOquQ9_ldT1kG2r1kYUqt-WlpWWvD3D...	N/A	N/A	Jun 16, 2026	THN
NONE	415A117B-A28B-	OffSploit_415A117B-A28B-5B94-A898-C38DDF911AB1 🤖 OffSploit - Automate your security testing tasks effectively OffSploit helps you perform security tests on your own systems. This tool uses loca...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-50890	CVE-2026-50890_CVE-2026-50890 Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This v...	Bernd Bestel	grocy v4.6.0	Jun 15, 2026	CVE