exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2026-41045	Weak polkit authentication check in qSnapper_CVE-2026-41045 A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication m...	presire	qSnapper	Jun 22, 2026	CVE
MEDIUM 5.9	CVE-2026-12725	Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies_CVE-2026-12725 A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies conta...	Red Hat	Red Hat Enterprise Linux 10	Jun 22, 2026	CVE
HIGH 8.1	CVE-2026-12628	Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system_CVE-2026-12628 IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attack...	IBM	Storage Protect Client 8.1.0.0	Jun 22, 2026	CVE
MEDIUM 4.8	CVE-2026-12549	Libsoup: incomplete fix for cve-2026-2443: range suffix overflow in libsoup soupserver_CVE-2026-12549 The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When...	Red Hat	Red Hat Enterprise Linux 10	Jun 22, 2026	CVE
MEDIUM 6.1	CVE-2026-12479	Path Traversal in keras-team/keras_CVE-2026-12479 A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the `DiskIOStore.make` method within the Keras 3 model sa...	keras-team	keras-team/keras unspecified	Jun 22, 2026	CVE
MEDIUM 4.8	CVE-2026-11943	Akaunting 3.1.21 – Authenticated stored XSS in document timeline_CVE-2026-11943 Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail page...	Akaunting	Akaunting 3.1.21	Jun 22, 2026	CVE
MEDIUM 4.8	CVE-2026-11942	Akaunting 3.1.21 – Stored XSS in delete confirmation modal_CVE-2026-11942 Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the reusable delete confirmation flow. A user with permissi...	Akaunting	Akaunting 3.1.21	Jun 22, 2026	CVE
MEDIUM 5.4	CVE-2026-11372	IBM TRIRIGA Cross-Site Scripting Vulnerability_CVE-2026-11372 IBM TRIRIGA Application Platform 5.0.2 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embe...	IBM	TRIRIGA Application Platform 5.0.2	Jun 22, 2026	CVE
NONE	THN:6EDDB510298...	29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests_THN:6EDDB51029888D4C2E2682D0407BD7BC ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA4IfKMjQxVhpOYdrcCC4ty0vlGBDg_qCZuuvSTvyVWXYPXQlli7qyCZkPdHHuGJp-HVH1s-HGmf_Zqn97o2...	N/A	N/A	Jun 22, 2026	THN
HIGH 8.3	MS:CVE-2026-12468	Chromium: CVE-2026-12468 Inappropriate implementation in Updater_MS:CVE-2026-12468 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE