Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2025-64636

WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Donation Thermometer

rhewlif Donation Thermometer n/a CVE
MEDIUM 4.3 CVE-2025-63079

WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability

Contributor Broken Access Control in Live Copy Paste for Elementor

bdthemes Live Copy Paste for Elementor n/a CVE
MEDIUM 4.3 CVE-2025-63078

WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability

Subscriber Broken Access Control in Restaurant Menu by MotoPress

jetmonsters Restaurant Menu by MotoPress n/a CVE
MEDIUM 5.4 CVE-2025-63041

WordPress Forget About Shortcode Buttons plugin <= 2.1.3 - Broken Access Control vulnerability

Contributor Broken Access Control in Forget About Shortcode Buttons

Code Amp Forget About Shortcode Buttons n/a CVE
HIGH 7.2 CVE-2026-9640

LXD Snapshot Import Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of proj...

Canonical LXD 5.21.0 CVE
MEDIUM 6.5 CVE-2026-9639

Authenticated Denial of Service via Malicious Backup Tarball in LXD

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can_create_sto...

Canonical LXD 5.21.0 CVE
HIGH 7.1 CVE-2026-47214

Docling: Unsafe URI and Path Handling in HTML Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the...

docling-project docling < 2.94.0 CVE
MEDIUM 5.5 CVE-2026-44018

Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2....

docling-project docling >= 2.45.0, < 2.91.0 CVE
HIGH 8.4 CVE-2026-12411

Broken Access Control in Canonical LXD DevLXD API

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another ...

Canonical lxd 6.6 CVE
HIGH 8.7 CVE-2026-57518

Pagekit CMS 1.0.18 Privilege Escalation via UserApiController

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escala...

pagekit pagekit 1.0.18 CVE