CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-45177	Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism_CVE-2026-45177 Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unau...	CyberArk Software, a Palo Alto Networks Company	Conjur Cloud (Edge Finding only) 1.0	Jun 11, 2026	CVE
CRITICAL 9.8	1B4E1928-22BA-	Systems-and-Cyber-Security-Coursework_1B4E1928-22BA-58AE-868A-852185F77BAA CSI6SCS2526 — Systems and Cyber Security Coursework Grey-Box Vulnerability Assessment \| LSBU \| 2025/26 Student ID: 4214293 \| Group 10 \| Network: 10...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-38581	CVE-2026-38581_CVE-2026-38581 SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idF...	damasac	thaipalliative_lte 3.0	Jun 11, 2026	CVE
CRITICAL 9.1	CVE-2026-9648	CVE-2026-9648_CVE-2026-9648 The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alter...	Haskell Programming Language	crypton-certificate	Jun 11, 2026	CVE
CRITICAL 9.9	CVE-2026-11839	Arbitrary File Upload in Basarsoft’s Rotaban_CVE-2026-11839 Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web...	Başarsoft Information Technologies Inc.	Rotaban V2026.06.002	Jun 11, 2026	CVE
CRITICAL 9.8	PACKETSTORM:223236	📄 Drupal core 10.5.5 JSON:API PostgreSQL Error-Based SQL Injection_PACKETSTORM:223236 This code demonstrates a research-oriented implementation targeting a reported SQL injection condition in Drupal JSON:API endpoints backed by Postg...	N/A	N/A	Jun 11, 2026	PACKETSTORM
CRITICAL 10	290D6A34-87D4-	Exploit for CVE-2026-48907_290D6A34-87D4-5C44-9D9F-381353970DEF CVE-2026-48907 Educational PoC ⚠️ This repository is for educational and defensive security purposes only. Test only on systems you own or are expl...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
CRITICAL 9.4	CVE-2026-4764	Privilege Escalation in Dialogflow CX via Playbook Import_CVE-2026-4764 A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user w...	Google Cloud	Dialogflow CX	Jun 11, 2026	CVE
CRITICAL 9.8	CVE-2026-7852	Unrestricted File Upload in Limatek’s LimRAD NAC_CVE-2026-7852 Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects L...	Limatek System Inc.	LimRAD NAC before 5.5.7.3.9	Jun 11, 2026	CVE
CRITICAL 9.8	19E0D94A-E2E8-	Exploit for CVE-2026-7458_19E0D94A-E2E8-5EDF-91D0-9D413694423C 🧨 CVE-2026-7458 – PickPlugins User Verification OTP Bypass Unauthenticated Authentication Bypass via Loose Comparison in OTP Verification REST API...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT