exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-13083	Pen-drive: pen-drive: stored xss via unescaped cluster data in html report_CVE-2026-13083 A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An ...	Red Hat	Pen Drive Powered by Red Hat Lightspeed	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-12993	Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset_CVE-2026-12993 A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE dec...	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
LOW 3.8	CVE-2026-13322	Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service_CVE-2026-13322 A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buff...	Red Hat	Red Hat OpenShift Virtualization 4	Jun 26, 2026	CVE
NONE	E07672B6-E349-	netproto_toolkit_E07672B6-E349-5FE5-953E-0A86375F7597 netprototoolkit Network protocol security research toolkit in Python, covering the full workflow from traffic capture through protocol fuzzing to e...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	MSSECURE:A4C90F...	StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them_MSSECURE:A4C90F6D8F83B1BF96EC12CDFC5FC84E In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-serv...	N/A	N/A	Jun 24, 2026	MSSECURE
NONE	MSSECURE:0C0117...	Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:0C0117AE434E10AACC147291C44D651A The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...	N/A	N/A	Jun 25, 2026	MSSECURE
NONE	TALOSBLOG:7A5EA...	Beyond IOCs: AI-enabled threat intelligence_TALOSBLOG:7A5EACBCE90B3C23AAD5D9F502830B62 ![Beyond IOCs: AI-enabled threat intelligence](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/threat_...	N/A	N/A	Jun 25, 2026	TALOSBLOG
CRITICAL 9.3	CF51C38E-52F7-	cve-research_CF51C38E-52F7-5CB5-9ACE-2BCD8F86C0BE CVE Research Notes and code from going through public CVEs that caught my attention. Each folder has a writeup of how the bug actually worked, a de...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	2DBFA02A-1FF8-	pentest-cheatsheet_2DBFA02A-1FF8-528D-8CBD-0BB4657AC723 pentest-cheatsheet Commands, techniques and notes for penetration testing — web, AD, network, post-exploitation. Pentest Cheatsheet Commands, techn...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
MEDIUM 6	CVE-2026-6731	X.509 name constraint bypass via Subject CN treated as a DNS name_CVE-2026-6731 X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's D...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE