Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-39938

Cacti: Unauthenticated RCE on Graph Image_CVE-2026-39938

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdt...

Cacti cacti < 1.2.31 CVE
CRITICAL 9.8 CVE-2026-39955

Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php_CVE-2026-39955

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored ...

Cacti cacti < 1.2.31 CVE
CRITICAL 9.3 CVE-2026-39948

Cacti has SQL Injection via rfilter parameter in RLIKE clauses_CVE-2026-39948

Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via th...

Cacti cacti < 1.2.31 CVE
CRITICAL 9.9 1D800BD3-189F-

Exploit for CVE-2026-38526_1D800BD3-189F-5EE9-BFBA-BC99C4EB9527

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 D6143492-FDD6-

Exploit for Unrestricted Upload of File with Dangerous Type in Gvectors Wpdiscuz_D6143492-FDD6-5B65-991B-5C7A537B4D18

CVE-2020-24186 exploit for RCE (Remote Code Exec), CVE for the vulnerable WordPress plugin WP-Discuz, version 7.0.4...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 CVE-2026-52806

Gogs: RCE via git rebase --exec argument injection in pull request merge_CVE-2026-52806

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs allows authenticated users to achieve Remote Code Execution (RCE) on the serv...

gogs gogs < 0.14.3 CVE
CRITICAL 10 CVE-2026-52813

Gogs: Path Traversal in organization name results in RCE through Git hooks_CVE-2026-52813

Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization names containing path traversal sequences (../) are accepted by Gogs,...

gogs gogs < 0.14.3 CVE
CRITICAL 9 CVE-2026-52811

Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym_CVE-2026-52811

Gogs is an open source self-hosted Git service. Prior to 0.14.3, (*Repository).UploadRepoFiles checks for symlinks only on the leaf of the upload t...

gogs gogs < 0.14.3 CVE
CRITICAL 9.3 CVE-2026-46423

Rocket.Chat: SAML signature validation skipped when IdP certificate field is empty_CVE-2026-46423

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
CRITICAL 9.1 CVE-2026-45689

Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO_CVE-2026-45689

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE