Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.1	CVE-2025-71331	Flowise – Cross-Site Scripting in Chat Messages and Agent Workflows_CVE-2025-71331 Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent f...	Flowise	Flowise	Jun 20, 2026	CVE
CRITICAL 9.9	CVE-2026-5366	Git Argument Injection in prefecthq/prefect_CVE-2026-5366 Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage clas...	prefecthq	prefecthq/prefect unspecified	Jun 20, 2026	CVE
HIGH 8.2	90EC8998-FB96-	explotability_analysis_ebpf_90EC8998-FB96-54C8-B382-EB8D24257354 eBPF Verifier Exploit Research — s344024 Romano Simone Research project for the Security Verification and Testing SVT course — analysis and exploit...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
CRITICAL 9.8	51654478-7539-	Exploit for OS Command Injection in Redhat Openshift_Container_Platform_51654478-7539-5748-ADF6-E1E5CD131F2F CVE-2026-4480-PoC...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	7D09A83C-C6CD-	browserlover_7D09A83C-C6CD-5EFA-9E1F-FE28400B2E1F No description provided...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
LOW 2.3	CVE-2026-56325	Capgo – App ID Confusion via ILIKE Wildcard in Preview Subdomain Lookup_CVE-2026-56325 Capgo before 12.128.2 uses ILIKE pattern matching instead of exact matching for app_id lookup in the preview subdomain resolver, allowing underscor...	Capgo	Capgo	Jun 20, 2026	CVE
LOW 2.3	CVE-2026-56317	Nuxt – Cross-Site Scripting via NoScript Component Slot Content_CVE-2026-56317 Nuxt before 4.4.7 (and the 3.x branch before 3.21.7) contains a cross-site scripting vulnerability in the NoScript component that writes slot conte...	Nuxt	Nuxt 4.0.0	Jun 20, 2026	CVE
NONE	HACKREAD:7261C7...	MDR Provider Comparison: Time to Discover and Respond to Threats_HACKREAD:7261C791BE2D3FF87A7C570142D9E829 A detailed MDR provider comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose.	N/A	N/A	Jun 20, 2026	HACKREAD
CRITICAL 10	CVE-2026-48939	Joomla Extension – icagenda.com – Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15_CVE-2026-48939 A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in P...	icagenda.com	iCagenda extension for Joomla 1.0.0-3.9.14	Jun 20, 2026	CVE
CRITICAL 9.5	CVE-2026-48909	Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909 SP LMS (com_splms) < 4.1.4 by JoomShaper deserializes user-controlled cookie data without validation, enabling an unauthenticated remote attacker t...	joomshaper.net	SP LMS extension for Joomla 1.0.0-4.1.3	Jun 20, 2026	CVE