CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	THN:92496BE41BB...	Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer_THN:92496BE41BBB472864D9FF3429DE96A7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEid1CxvsX2dPrKoA1VzJ6PUhwrXxvSC4ehRmgyaRRCJlP_MFSeOxvwrT2ODJSbQx3E-7bBwBG4YpP3CQGLz...	N/A	N/A	Jun 30, 2026	THN
CRITICAL 9.8	CVE-2026-9711	EventON – WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search Parameter_CVE-2026-9711 The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full) is vulnerable to SQL Injection via the WordPress 'search' paramet...	EventON	EventON (Pro) - WordPress Virtual Event Calendar Plugin	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12076	SQL Injection in Raytha CMS_CVE-2026-12076 Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to...	Raytha	Raytha 1.5.2	Jun 30, 2026	CVE
CRITICAL 9.8	FBFF27F7-8ED1-	Exploit for CVE-2026-56121_FBFF27F7-8ED1-5776-9326-EF2D07BF0586 CVE-2026-56121 — Feast Unauthenticated RCE via gRPC Registry Deserialization The Feast function of an OnDemandFeatureView as soon as a spec arrives...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.4	8276B0B0-A504-	Exploit for OS Command Injection in Devcode Openstamanager_8276B0B0-A504-5BFB-96EF-E9535076655D CVE-2025-69212-PoC https://github.com/advisories/GHSA-25fp-8w8p-mx36 A critical OS Command Injection vulnerability exists in the P7M signed XML fil...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	2EC91A8F-3FD4-	CVE-2026-XXXX-silverpeak-webgms-9.5.6-exposed-admin_2EC91A8F-3FD4-54B9-8741-6AC2418907A9 CVE-2026-XXXX: NVIDIA/SilverPeak SD-WAN webGMS - Exposed Admin Interface Product NVIDIA SilverPeak SD-WAN webGMS Global Management System - Version...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	A372C56F-D8B3-	Exploit for CVE-2026-10580_A372C56F-D8B3-5DAE-BD3F-1EB6467679D8 CVE-2026-10580 - WordPress - Hippoo Mobile App for WooCommerce 1.9.4. Additionally: - Regularly audit user accounts for unauthorized changes - Moni...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-12073	ProfileGrid – User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation via Email Overwrite_CVE-2026-12073 The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all vers...	metagauss	ProfileGrid – User Profiles, Groups and Communities	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12819	DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability_CVE-2026-12819 Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticat...	deltaww	DVP-12SE *	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12818	DVP-12SE Exposure of Sensitive Information Vulnerability_CVE-2026-12818 Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TC...	deltaww	DVP-12SE *	Jun 30, 2026	CVE