tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	WIRED:6EAA0778F...	Hackers Claim to Leak Stolen Madison Square Garden Data_WIRED:6EAA0778FAA6CAA5158FCD6DCCC93CBC Plus: Gay bars in San Francisco using face scanners, France quits Palantir, Apple plans to change its private email and more.	N/A	N/A	Jun 20, 2026	WIRED
HIGH 7.5	THN:3C02EE8690F...	Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys_THN:3C02EE8690F770FB334836241DFA97E7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1kN23KhnFjdjHcR0i-iySK1Zv-kkApPs6yBq11670ubXx0NiAbgDMoYSfwQNyq9asso5AG9KcPRXEL4LU8...	N/A	N/A	Jun 20, 2026	THN
MEDIUM 6.5	CVE-2026-12119	Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119 The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' s...	eemitch	Simple File List	Jun 20, 2026	CVE
HIGH 7.5	CVE-2026-11912	Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action_CVE-2026-11912 The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up ...	eemitch	Simple File List	Jun 20, 2026	CVE
HIGH 7.5	CVE-2026-11911	Simple File List <= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter_CVE-2026-11911 The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile...	eemitch	Simple File List	Jun 20, 2026	CVE
NONE	21035EF9-5EDC-	jfp-console-poc_21035EF9-5EDC-5620-8320-382C3B11EE13 JFP Console PoC Tamper-evident autonomous system governor with a live operator dashboard. JFP Console PoC is a Linux daemon that monitors system re...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	PACKETSTORM:223848	📄 Android Kernel /dev/umts_ipc0 Out-Of-Bounds Read / Write_PACKETSTORM:223848 Proof of concept exploit targeting a vulnerability in an Android kernel driver related to GNSS/UMTS IPC /dev/umtsipc0...	N/A	N/A	Jun 19, 2026	PACKETSTORM
NONE	PACKETSTORM:223862	📄 TOTOLINK N300RH Buffer Overflow_PACKETSTORM:223862 This is a Metasploit auxiliary module that targets a stack-based buffer overflow in the TOTOLINK N300RH router's setWiFiBasicConfig CGI handler. Th...	N/A	N/A	Jun 19, 2026	PACKETSTORM
CRITICAL 9.2	PACKETSTORM:223892	📄 HP Poly Voice Unauthenticated Remote Code Execution_PACKETSTORM:223892 CVE-2026-0826 is a critical unauthenticated stack-based buffer overflow vulnerability affecting all models in the VVX series VVX 150, VVX 250, VVX ...	N/A	N/A	Jun 19, 2026	PACKETSTORM
NONE	PACKETSTORM:223853	📄 Veno File Manager 4.4.9 Log Disclosure_PACKETSTORM:223853 This Metasploit module allows unauthenticated attackers to download application logs from Veno File Manager version 4.4.9 by exploiting the save-cs...	N/A	N/A	Jun 19, 2026	PACKETSTORM