CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-27671	Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform_CVE-2026-27671 Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticate...	SAP_SE	SAP NetWeaver and ABAP Platform KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 91.9	Jun 9, 2026	CVE
CRITICAL 9.8	CVE-2026-44631	Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow_CVE-2026-44631 Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: ...	Apache Software Foundation	Apache HTTP Server 2.4.0	Jun 8, 2026	CVE
CRITICAL 9.8	CVE-2026-10879	DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders_CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL p...	HMBRAND	DBI	Jun 5, 2026	CVE
CRITICAL 9.1	CVE-2026-9270	DataDog::DogStatsd versions through 0.07 for Perl allow metric injections_CVE-2026-9270 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric in...	DataDog	DataDog::DogStatsd 0.07	Jun 5, 2026	CVE
CRITICAL 9.8	CVE-2026-11362	DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags_CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, al...	BINARY	DataDog::DogStatsd	Jun 5, 2026	CVE
CRITICAL 9.8	CVE-2026-52778	YesWiki has Unsafe eval() in Formula Calculator – Remote Code Execution (RCE) & Denial of Service (DoS)_CVE-2026-52778 YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcF...	YesWiki	yeswiki < 4.6.6	Jun 8, 2026	CVE
CRITICAL 9	CVE-2026-11393	Code injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent import_CVE-2026-11393 Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remot...	AWS	AgentCore CLI 0.4.0	Jun 8, 2026	CVE
CRITICAL 9.1	CVE-2026-36500	CVE-2026-36500_CVE-2026-36500 An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a crafted requ...	OpenDaylight	Controller v12.0.5	Jun 5, 2026	CVE
CRITICAL 9.3	CVE-2026-50751	User Authentication Bypass in VPN Remote Access and Mobile Access_CVE-2026-50751 A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote a...	checkpoint	Quantum Security Gateway R82.10 with Jumbo Hotfix Take 19 or below	Jun 8, 2026	CVE
CRITICAL 9.4	CVE-2026-46442	Flowise: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape_CVE-2026-46442 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function ...	FlowiseAI	Flowise < 3.1.2	Jun 8, 2026	CVE