CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-45550	Roxy-WI: IDOR on PUT /smon/check — any user can rewrite any tenant’s monitoring URL/IP/body_CVE-2026-45550 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check (app/routes/s...	roxy-wi	roxy-wi <= 8.2.6.4	Jun 10, 2026	CVE
CRITICAL 9.3	E58673C7-8ED0-	Exploit for Improper Authentication in Checkpoint Gaia_Os_E58673C7-8ED0-562C-8B2F-1A682CF0C643 markdown CVE-2026-50751 - Check Point IKEv1 Authentication Bypass Exploit ⚠️ ADVERTENCIA IMPORTANTE Este código es SOLO para fines educativos y pru...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.8	9BC08ADB-8F4F-	Exploit for SQL Injection in Glpi-Project Glpi_9BC08ADB-8F4F-5010-BDA8-9F36150A79A7 CVE-2023-36808 - GLPI Unauthenticated SQL Injection Vulnerability GLPI versions field is injected directly into a SQL query without sanitisation: s...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.8	A471D383-7A66-	Exploit for Improper Input Validation in Drupal_A471D383-7A66-5507-AD3C-3606DC272DB9 drupalgeddon2-cli A command-line rewrite of the Drupalgeddon2 CVE-2018-7600 proof-of-concept, built as a study exercise while working through the H...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 10	7D18273C-34E3-	Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat_7D18273C-34E3-5A00-B425-67EF1C53E606 CVE-2025-24813 - Apache Tomcat Partial PUT + Deserialization RCE 📋 Overview CVE-2025-24813 is a high‑severity vulnerability in Apache Tomcat that ...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-9067	Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload_CVE-2026-9067 The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers a...	Unknown	Schema & Structured Data for WP & AMP	Jun 10, 2026	CVE
CRITICAL 9.8	CVE-2025-6254	Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation_CVE-2025-6254 The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctre...	AmentoTech	Doctreat Core	Jun 10, 2026	CVE
CRITICAL 9.8	THN:DBB7D43EBD3...	Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs_THN:DBB7D43EBD32D9B6D51C0558B77E438D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDOIX9PorKjXDciuKmL8xLL9vrOVtBou5tBhn4T-u7cgllDKei3HRDr8vsXGM-MllL1eb6E_pdEID5s_sRUx...	N/A	N/A	Jun 10, 2026	THN
CRITICAL 10	D08D4EF5-0307-	Exploit for CVE-2026-10520_D08D4EF5-0307-5336-8253-F56FE19CCC6B CVE-2026-10520 — Ivanti Sentry Mass Scanner Detection scanner for CVE-2026-10520, an OS command injection vulnerability in Ivanti Sentry. Vulnerabi...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT
CRITICAL 9.1	2C789584-82FD-	Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os_2C789584-82FD-5503-B3B1-B5B9573BD5DA 🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass Security research, technical analysis, detection guidance, IOC collection, and defens...	N/A	N/A	Jun 10, 2026	GITHUBEXPLOIT