exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	2A8C8CE0-592F-	Exploit for Missing Authentication for Critical Function in Splunk_2A8C8CE0-592F-566A-AD1D-9DB21DEE0C60 CVE-2026-20253 - Splunk Enterprise Pre-Auth RCE PoC ⚠️ ADVERTENCIA: Este script es solo para fines educativos y de prueba en entornos autorizados. ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	WIRED:A213F3A81...	The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials_WIRED:A213F3A81A603E96CA725AEEADB603F7 Exposed records from the private group included the personal information of a senior White House intelligence official and an active-duty special o...	N/A	N/A	Jun 26, 2026	WIRED
NONE	SCHNEIER:DF7402...	Meta Is Testing Facial Recognition for Police and Military_SCHNEIER:DF74028FA7E40C4996C0D41330A90633 We know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time. Turns out Meta is prototyping the featu...	N/A	N/A	Jun 26, 2026	SCHNEIER
CRITICAL 10	THN:7EF04AAF427...	New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks_THN:7EF04AAF4274557391FF629872DDC867 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsnAZNjHSEX7UtabbKNVn68uohH8pK5LKuU2CgckZTJowWHxYmEjx9ROquO9tFsThy-3_759_ko2TQEX4Wm3...	N/A	N/A	Jun 26, 2026	THN
MEDIUM 5.4	PACKETSTORM:224389	📄 Docmost Cross Site Scripting_PACKETSTORM:224389 Docmost versions prior to 0.71.0 suffer from a persistent cross site scripting vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 7.6	PACKETSTORM:224380	📄 TypeBot Server-Side Request Forgery_PACKETSTORM:224380 TypeBot versions prior to 3.16.0 suffer from a server-side request forgery vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 5.4	PACKETSTORM:224388	📄 Docmost 0.70.x Authorization Bypass_PACKETSTORM:224388 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored attachment insi...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 8.6	PACKETSTORM:224376	📄 Yeoman Environment 6.0.0 Code Execution_PACKETSTORM:224376 Yeoman Environment versions 2.9.0 through 6.0.0 have an issue where missing generators can be installed without user confirmation, turning attacker...	N/A	N/A	Jun 26, 2026	PACKETSTORM
NONE	PACKETSTORM:224373	📄 Penpot Server-Side Request Forgery_PACKETSTORM:224373 Penpot's remote image import let an authenticated file editor turn a normal media convenience feature into backend-origin server-side request forge...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 8.3	PACKETSTORM:224372	📄 Plane Improper Authorization_PACKETSTORM:224372 Plane's asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one authenticated user rea...	N/A	N/A	Jun 26, 2026	PACKETSTORM