CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-54820	WordPress JetBooking plugin <= 4.0.4.1 - SQL Injection vulnerability_CVE-2026-54820 Unauthenticated SQL Injection in JetBooking	Crocoblock. Jetimpex Inc.	JetBooking n/a	Jun 26, 2026	CVE
CRITICAL 9	CVE-2026-54636	Dokku: OS Command Injection via app.json managed Cron_CVE-2026-54636 Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku ...	dokku	dokku < 0.38.7	Jun 26, 2026	CVE
CRITICAL 9	CVE-2026-45408	Dokku: OS Command Injection via App Name in Git Pre-Receive Hook_CVE-2026-45408 Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authent...	dokku	dokku < 0.38.2	Jun 26, 2026	CVE
CRITICAL 9	CVE-2026-45406	Dokku: Host RCE via Maliciously Named OpenResty Include Files Injected Through eval_CVE-2026-45406 Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository dir...	dokku	dokku < 0.38.2	Jun 26, 2026	CVE
CRITICAL 9	CVE-2026-45405	Dokku: Arbitrary File Write via Tar Symlink Traversal in git:from-archive and certs:add_CVE-2026-45405 Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary ...	dokku	dokku < 0.38.2	Jun 26, 2026	CVE
CRITICAL 9.3	THN:051D862466E...	CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue_THN:051D862466EBE7A5DE6BB7DD92EA2EA6 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzGOpsiL9b-uwhocEgzazTFR251KJL6pnZAVCmzty7Nx0uR-vZ9r2-WP95IrRaKJtFoUxmBFbqrkt31Yn2MT...	N/A	N/A	Jun 26, 2026	THN
CRITICAL 9.8	712DBDD2-D55C-	Exploit for CVE-2026-54807_712DBDD2-D55C-55CD-96E6-3E6BD0518E8D CVE-2026-54807 CVE-2026-54807 WooCommerce Privilege Escalation ║ ║ Unauthenticated Admin Role Assignment via Reg. Form PRİV8 TOOLS AND EXPLOİT CANA...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-57881	GV-LPC2011/LPC2211 – unauthorized stack-based buffer overflow vulnerability (vlsvr)_CVE-2026-57881 An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerab...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-57880	GV-LPC2011/LPC2211 – unauthorized buffer overflow via RTSP Digest username (ssvr)_CVE-2026-57880 An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerabi...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-57879	GV-LPC2011/LPC2211 – unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)_CVE-2026-57879 An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerabi...	GeoVision Inc.	GV-LPC2011/2211 1.12	Jun 26, 2026	CVE