CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2025-62821	CVE-2025-62821_CVE-2025-62821 Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the repo...	Microsoft	Microsoft HEIF Image Extensions 1.2.22.0	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-51846	CVE-2026-51846_CVE-2026-51846 In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to r...	Tenda	Tenda AC7 v15.03.06.44	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-51845	CVE-2026-51845_CVE-2026-51845 Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.	Tenda	Tenda AC7 v15.03.06.44	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-51844	CVE-2026-51844_CVE-2026-51844 Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.	Tenda	Tenda AC7 v15.03.06.44	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-51843	CVE-2026-51843_CVE-2026-51843 Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.	Tenda	Tenda AC7 v15.03.06.44	Jun 19, 2026	CVE
CRITICAL 9.6	CVE-2026-10789	MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop_CVE-2026-10789 A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerabili...	Autodesk	Fusion 2703.1.11	Jun 22, 2026	CVE
CRITICAL 9.4	THN:A2D26AE6302...	Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants_THN:A2D26AE6302BAA068AA98AC6FA38A101 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrjCumekV1hjkgdgebp4RqfYc_Yt9Swv4lG7ds3XMDHG9f-JxSuJSWY3UcWIoivJoJkJjdlBvtiQAHKy7NNg...	N/A	N/A	Jun 22, 2026	THN
CRITICAL 9.8	6187732A-19DB-	Exploit for CVE-2026-54806_6187732A-19DB-57D3-B916-91087E253791 WP Activity Log PHP Object Injection CVE-2026-54806 PoC 📜 Description CVE-2026-54806 is a critical CVSS 9.8 unauthenticated PHP Object Injection v...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-9265	Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path_CVE-2026-9265 Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path. print_attribute() copies a UTF8ST...	JONASBN	Crypt::OpenSSL::PKCS12	Jun 20, 2026	CVE
CRITICAL 9.1	CVE-2026-11373	Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections_CVE-2026-11373 Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections. Net::Statsite::Client is a client for the statsite protocol, which ...	JASEI	Net::Statsite::Client	Jun 22, 2026	CVE