Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-49133

Typemill < 2.24.0 Path Traversal via ControllerApiImage::getPagemedia()_CVE-2026-49133

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary f...

typemill typemill CVE
MEDIUM 5.3 CVE-2026-48988

markdown-it: Quadratic complexity DoS in smartquotes rule via replaceAt string operations_CVE-2026-48988

markdown-it is a Markdown parser. Versions 14.1.1 and below contain a denial-of-service vulnerability when typographer: true is enabled, due to qua...

markdown-it markdown-it < 14.2.0 CVE
HIGH 7.5 CVE-2026-48979

PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling_CVE-2026-48979

PHP Standard Library (PSL) is a set of APIs covering async, collections, networking, I/O, cryptography, terminal UI, etc. In versions 6.1.0, 6.1.1 an...

php-standard-library php-standard-library >= 6.1.0, < 6.1.2 CVE
MEDIUM 5.8 CVE-2026-48821

Shaarli: DOM-based Cross-Site Scripting (XSS) in Thumbnail Synchronizer_CVE-2026-48821

Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a DOM-based Cross-Site Scripting (XSS) vulnerability in the Thumbnail ...

shaarli Shaarli < 0.16.2 CVE
NONE MSF:EXPLOIT-WINDOWS-

NTLM Relay to Self (HTTP to LDAP) – Post Exploitation_MSF:EXPLOIT-WINDOWS-LOCAL-NTLM_RELAY_2_SELF-

This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then trigge...

N/A N/A METASPLOIT
NONE FC7E063F-7FC6-

Hadoop-YARN-RCE_FC7E063F-7FC6-592E-BBD9-FE777046579E

Unauthenticated RCE in Apache Hadoop YARN ResourceManager An unauthorized access vulnerability exists in Apache Hadoop YARN ResourceManager when it...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.5 7C677A10-9FA7-

Exploit for Path Traversal in Microsoft_7C677A10-9FA7-51FB-8E47-4CC7BE2CF1F8

NimbusPwn — networkd-dispatcher 📜 Description A C PoC for NimbusPwn, a local privilege escalation in networkd-dispatcher. An unprivileged user cla...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 4D212348-0CE4-

Exploit for Argument Injection in Gnu Inetutils_4D212348-0CE4-5BBD-86E0-05C3D2BF492E

CVE-2026-24061 — Reproduction Lab ⚠️ For educational purposes only. Isolated lab environment. French below --- Summary Critical authenticati...

N/A N/A GITHUBEXPLOIT
NONE AKAMAIBLOG:0A28...

Microsegmentation: Your Digital First Responder to LLM Threats_AKAMAIBLOG:0A2827C3E2971AD3E00887BFB1C6FDBC

N/A N/A AKAMAIBLOG
CRITICAL 9.8 MSSECURE:00B5F0...

Beyond the benchmark: Advancing security at AI speed_MSSECURE:00B5F0DA128161763042D52D4210A2E0

In this article 1. From the lab into the pipeline 2. This month’s set of discoveries 3. Beyond the headline: What the engineering work taugh...

N/A N/A MSSECURE