CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	CVE-2026-12537	Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows_CVE-2026-12537 Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub A...	Google Cloud	Gemini CLI	Jun 24, 2026	CVE
CRITICAL 10	SECURELIST:25DF...	StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader_SECURELIST:25DF27E139AF4557190EDA740DEAB957 ![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/06/24085803/SL-StrikeShark-featured-990x400.jpg) ## Introduction Durin...	N/A	N/A	Jun 24, 2026	SECURELIST
NONE	MALWAREBYTES:0F...	“Total access to all your devices.” Sextortion scammers strike again_MALWAREBYTES:0FD9C7128A95FF6374187563C0B72426 At the moment, we’re seeing all kinds of sextortion emails. The scam is cheap to run, easy to automate, and apparently profitable enough that cyber...	N/A	N/A	Jun 24, 2026	MALWAREBYTES
NONE	SCHNEIER:7A1236...	Embedding Forbidden Text in Spyware to Discourage AI Analysis_SCHNEIER:7A1236483F174AEC1AD949F80DF69235 At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. D...	N/A	N/A	Jun 24, 2026	SCHNEIER
NONE	THN:E39759F4A03...	Dawn of the Apex Agentic Adversary_THN:E39759F4A03F44F39AA790935B0FBE4A ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuQ2GvCcnjBgMTXoXBXqazE9MU3nbNgeccOlWELBQOL9WcHHH4uXS1BKCrrmv6iWWAn6vu1LZJzpHl1MGetv...	N/A	N/A	Jun 24, 2026	THN
MEDIUM 5.5	CVE-2026-11968	Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’) in TortoiseGit_CVE-2026-11968 Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit	TortoiseGit team	TortoiseGit 1.8.10.0	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-13150	SSRF in Pentestify PDF generation endpoint via Host header_CVE-2026-13150 Server-Side Request Forgery (SSRF) (CWE-918) in the PDF generation endpoint GET /api/reports/{id}/pdf (backend/main.py) in ccyl13 Pentestify 1.0.0 ...	Pentestify	Pentestify	Jun 24, 2026	CVE
HIGH 7.8	4BA3261D-2DE6-	Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel_4BA3261D-2DE6-5D66-AE25-4FA760E8F87D rootpacket CVE-2026-31431 A Linux Docker-to-host cryptojacking toolkit captured from live attacks on Kinryū Labs honeypots. It breaks in through an...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 10	776C9ED4-3841-	Exploit for Code Injection in Craftcms Craft_Cms_776C9ED4-3841-5FC1-B7D1-370CEAB62FAB PoCCVE-2025-32432 CraftCMS CVE-2025-32432 - Clean PoC Version nettoyée et améliorée du PoC original. Crédits - Recherche originale : Orange Cyberde...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
HIGH 8.8	3F58B0E8-968C-	Exploit for Uncontrolled Search Path Element in Checkmk_3F58B0E8-968C-5526-9652-3C321B0F8C30 CVE-2024-0670 - CheckMK Agent MSI Repair Privilege Escalation NanoCorp HTB This repository contains a PowerShell script used to exploit CVE-2024-06...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT