Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 004E17C4-056B-

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo_004E17C4-056B-597E-B74C-0D0FCCC055C2

CVE-2025-32463-sudo-chwoot PoC for CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability - Original PoC sudo-chwoot.sh - CTF Demo chwoo...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 89C72402-67E2-

Exploit for Deserialization of Untrusted Data in Facebook React_89C72402-67E2-5AB5-923D-766EE155B081

🛡️ React2Shell CTF 🚀 Welcome to React2Shell-CTF, a Dockerized environment designed to practice exploiting React2Shell CVE-2025-55182. React2Shell ...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 C864AB49-BD5F-

Exploit for Improper Input Validation in N8N_C864AB49-BD5F-550D-849F-BF3E904AB1CF

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenticated Arbitrary File Read → Admin Token Forge → Sandbox Bypass → RCE ...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.1 C90CEE4A-6BE7-

Exploit for Infinite Loop in Pypdf_Project Pypdf_C90CEE4A-6BE7-53CA-8B7A-A5DA2843514F

CVE-2026-24688 - pypdf - Circular Reference DoS Vulnerability This repo includes proof of concept code for triggering CVE-2026-24688. Summary Criti...

N/A N/A GITHUBEXPLOIT
NONE 100EB90F-41EE-

github-trending-xss-vulnerability-scanner_100EB90F-41EE-5C0A-A5FB-674097998814

XSS Vulnerability Scanner Plugin Comprehensive cross-site scripting XSS vulnerability detection with context-aware analysis and bypass technique te...

N/A N/A GITHUBEXPLOIT
NONE 7CA75EAE-A0F0-

elevate-kit_7CA75EAE-A0F0-5208-961E-2A8AB16A5A95

elevate-kit Local privilege escalation enumeration scripts for Linux and Windows. Both tools assume you already have a foothold a shell / session o...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 CVE-2026-56397

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56397

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...

SiYuan SiYuan CVE
HIGH 8.7 CVE-2026-56396

phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()_CVE-2026-56396

phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated admini...

phpMyFAQ phpMyFAQ CVE
CRITICAL 9.4 CVE-2026-56395

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56395

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...

SiYuan SiYuan CVE
HIGH 7.1 CVE-2026-56394

Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not va...

craftcms cms 4.0.0-RC1 CVE