CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	A1D50DD6-435E-	Exploit for CVE-2026-6279_A1D50DD6-435E-5B9D-933B-23BDA38B2B7B Description This Python script is an exploit tool for CVE-2026-6279 targeting Avada Builder = 3.15.2. Key behavior: scans targets for fusionloadnon...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
CRITICAL 9.4	CVE-2026-11624	CVE-2026-11624_CVE-2026-11624 The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebin...	Google	MCP Toolbox for Databases	Jun 13, 2026	CVE
CRITICAL 10	305568CC-85F7-	Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp_305568CC-85F7-5A1B-8FAE-834B17D0B008 Information Security Fundamentals — Spring 2026 Project Total Points: 20 \| Deadline: No late submissions accepted Overview This project simulates a...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
CRITICAL 9.3	CVE-2026-44990	Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`_CVE-2026-44990 ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the d...	apostrophecms	sanitize-html < 2.17.4	Jun 12, 2026	CVE
CRITICAL 9.1	CVE-2026-53609	Apostrophe has Server-Side Prototype Pollution in apos.util.set via patch operators that leads to process-wide authorization bypass_CVE-2026-53609 ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, `apos.util.set()` traverses dot-notation...	apostrophecms	apostrophe <= 4.30.0	Jun 12, 2026	CVE
CRITICAL 9.1	CVE-2026-53519	Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key_CVE-2026-53519 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to version 2.0.13, fallbackToFrontend in the ...	nezhahq	nezha < 2.0.13	Jun 12, 2026	CVE
CRITICAL 9.9	CVE-2026-46716	Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron_CVE-2026-46716 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleM...	nezhahq	nezha >= 1.4.0, < 2.0.8	Jun 12, 2026	CVE
CRITICAL 9.8	F0C31C9B-0A65-	Exploit for CVE-2026-20253_F0C31C9B-0A65-5448-9175-384AF0B76ABF No description provided...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
CRITICAL 9.5	CVE-2026-48558	SimpleHelp Authentication Bypass via Missing OIDC JWT Signature Verification_CVE-2026-48558 SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. W...	SimpleHelp	SimpleHelp 5.5.0	Jun 12, 2026	CVE
CRITICAL 9.2	CVE-2026-50101	Naxclow IoT Platform Not using password aging_CVE-2026-50101 Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credent...	Naxclow	Smart Doorbell X3 All	Jun 12, 2026	CVE