CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-9093	CVE-2026-9093_CVE-2026-9093 In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML asserti...	Casdoor	Casdoor 2.362.0 and earlier	May 28, 2026	CVE
CRITICAL 9.1	CVE-2026-42252	Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern_CVE-2026-42252 Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator...	Apache Software Foundation	Apache Airflow 3.0.0	Jun 1, 2026	CVE
CRITICAL 9.3	CVE-2026-42074	OpenClaude: Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input_CVE-2026-42074 OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the dangerouslyDisabl...	Gitlawb	openclaude < 0.5.1	Jun 2, 2026	CVE
CRITICAL 9.2	CVE-2026-0611	Spacelabs Healthcare Sentinel 10.5.x < 11.6.0 Unauthenticated RCE via .NET Remoting_CVE-2026-0611 Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability th...	Spacelabs Healthcare	Sentinel 10.5.0	Jun 2, 2026	CVE
CRITICAL 9.8	D99A0BB7-56FB-	Exploit for Missing Authentication for Critical Function in Mcpjam Inspector_D99A0BB7-56FB-5C9E-A5E5-63F845A32F54 CVE-2026-23744 - MCPJam Inspector RCE PoC Proof of Concept exploit for CVE-2026-23744: Remote Code Execution vulnerability in MCPJam Inspector 1.4....	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 10	CVE-2026-7312	CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity_CVE-2026-7312 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.823...	Progress Software	Sitefinity 14.0.7700, 15.0.8200, 15.1.8300, 15.2.8400, 15.3.8500, 15.4.8600	Jun 2, 2026	CVE
CRITICAL 9.8	CVE-2026-7198	CWE-284: Improper Access Control in web services in Progress Sitefinity_CVE-2026-7198 CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to acce...	Progress Software	Sitefinity 15.4.8623	Jun 2, 2026	CVE
CRITICAL 9.3	CVE-2026-47117	OpenMed < 1.5.2 Remote Code Execution via PII Model Loading_CVE-2026-47117 OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher use...	maziyarpanahi	openmed	Jun 2, 2026	CVE
CRITICAL 9.8	87C9F950-698A-	Exploit for Stack-based Buffer Overflow in Microsoft_87C9F950-698A-5A31-A619-957FBA51CBE0 CVE-2026-41089 - Security Buffer Overflow Quick Usage bash python3 exploit.py -t "C:\\Path\\To\\Target" -o demo.zip --data-file payload.exe Exploit...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.8	088050CB-EA94-	-CyberPentest-Plugin-Claude-Code_088050CB-EA94-5CF8-B3D0-6CAF60984803 🔐 CyberPentest Plugin — Claude Code Plugin de pentest offensif intégré à Claude Code. Lance nmap, sqlmap, nuclei, gobuster et recherche automatiqu...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT