CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-10731	SQL injection in Nemon products_CVE-2026-10731 SQL injection in the ‘two_steps_auth_code’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The tw...	Nemon	Nemon Trade Energy 2.95.55	Jun 9, 2026	CVE
CRITICAL 9.8	CVE-2026-5067	Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key_CVE-2026-5067 A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-...	zephyrproject-rtos	Zephyr 3.7.0	Jun 9, 2026	CVE
CRITICAL 9.6	CVE-2026-11671	CVE-2026-11671_CVE-2026-11671 Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a craft...	Google	Chrome 149.0.7827.103	Jun 8, 2026	CVE
CRITICAL 9.6	CVE-2026-11651	CVE-2026-11651_CVE-2026-11651 Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a craft...	Google	Chrome 149.0.7827.103	Jun 8, 2026	CVE
CRITICAL 9.6	CVE-2026-11638	CVE-2026-11638_CVE-2026-11638 Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted...	Google	Chrome 149.0.7827.103	Jun 8, 2026	CVE
CRITICAL 9.6	CVE-2026-11634	CVE-2026-11634_CVE-2026-11634 Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via...	Google	Chrome 149.0.7827.103	Jun 8, 2026	CVE
CRITICAL 9.9	CVE-2026-44748	XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform_CVE-2026-44748 SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message an...	SAP	SAP NetWeaver AS ABAP and ABAP Platform SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816, SAP_BASIS 918, SAP_BASIS 919	Jun 9, 2026	CVE
CRITICAL 9	CVE-2026-40128	Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)_CVE-2026-40128 SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates f...	SAP_SE	SAP NetWeaver Application Server Java (Web Container) ENGINEAPI 7.50	Jun 9, 2026	CVE
CRITICAL 9.8	CVE-2026-27671	Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform_CVE-2026-27671 Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticate...	SAP_SE	SAP NetWeaver and ABAP Platform KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 91.9	Jun 9, 2026	CVE
CRITICAL 9.8	CVE-2026-44631	Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow_CVE-2026-44631 Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: ...	Apache Software Foundation	Apache HTTP Server 2.4.0	Jun 8, 2026	CVE