CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	54FD57FA-4F05-	Exploit for Prototype Pollution in N8N_54FD57FA-4F05-5BF3-A823-C8F345BE77D5 CVE-2026-44789 — n8n HTTP Request Node Pagination Prototype Pollution → RCE An authenticated n8n in the n8n server process through the HTTP Request...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	0E8262F5-24FF-	Exploit for Injection in Arjunsharda Searchor_0E8262F5-24FF-5B7F-A10A-2834068BE447 No description provided...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	2FA22502-8DE9-	Exploit for CVE-2026-56782_2FA22502-8DE9-5029-A733-3794A93C93F9 CVE-2026-56782 — Gorse Unauthenticated Database Dump / Restore Auth Bypass Gorse /api/dump and /api/restore are gated by an admin check that fails ...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-37637	CVE-2026-37637_CVE-2026-37637 An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component	Alexantr	Alexantr filemanager 1.0	Jun 29, 2026	CVE
CRITICAL 10	745E87EB-2F7B-	Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D CVE-2026-53753 — Crawl4AI Unauthenticated Remote Code Execution AST Sandbox Escape Pre-authentication RCE in Crawl4AI expression evaluator safeeval...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	964E7791-B2DF-	Exploit for Authentication Bypass by Primary Weakness in Crushftp_964E7791-B2DF-59B8-81F3-BEFC914A712D CrushFTP 10.8.0 — CVE-2025-31161 Vulnerable Build Pre-built CrushFTP 10.8.0 binary for authorized penetration testing of CVE-2025-31161. !CAUTION T...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	983CAFED-3C66-	Exploit for Authentication Bypass by Primary Weakness in Crushftp_983CAFED-3C66-576E-BB1A-B397A3A030D6 Ansible Role: CrushFTP CVE-2025-31161 Ludus An Ansible Role that deploys a vulnerable CrushFTP 10.8.0 instance on Windows for authorized penetratio...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 10	65F73DD7-40DF-	Exploit for Improper Access Control in Widgetfactorylimited Jce_65F73DD7-40DF-5117-8110-BB18FDB3BD7C CVE-2026-48907 – Joomla JCE Unauthenticated Remote Code Execution RCE Severity: Critical CVSS 9.8 / CVSS v4 10.0 CVE: CVE-2026-48907 CWE: CWE-284 –...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	E7B8F6E4-E610-	0-day-PoC-Repo_E7B8F6E4-E610-5834-9597-E054A9B69439 If you wish to collaborate/discuss with me, contact me on discord @ashdfrkl Sharing this repo keeps me motivated to continue dropping 0-days for yo...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.6	CVE-2026-57498	Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams’ Servers_CVE-2026-57498 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controll...	coollabsio	coolify < 4.0.0-beta.474	Jun 29, 2026	CVE