Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 13CA0CE8-12D1-

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits_13CA0CE8-12D1-54FC-9A7F-66AE9C6F4402

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2026-41157

GPU DDK – OOB Write in CalculateNPOTTwiddleSparsePageMap3D_CVE-2026-41157

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space...

Imagination Technologies Graphics DDK 1.18 RTM, 23.2 RTM, 24.2 RTM, 25.1 RTM, 26.1 RTM CVE
CRITICAL 9.8 CVE-2026-9862

Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability_CVE-2026-9862

Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker ...

Fortra Core Privileged Access Manager (BoKS) boks-server 8.1.0.0 CVE
CRITICAL 9.2 DE40BC6F-7F50-

Exploit for CVE-2026-9277_DE40BC6F-7F50-5F83-B654-AEE371F307C5

CVE-2026-9277 - Shell-Quote Command Injection Exploit A specialized Proof of Concept PoC exploit script designed to verify and demonstrate CVE-2026...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 CVE-2026-52704

WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability_CVE-2026-52704

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...

Edgar Rojas WooCommerce PDF Invoice Builder n/a CVE
CRITICAL 9.3 CVE-2026-5482

Remote Code Execution via Unrestricted File Upload in Responsive FileManager_CVE-2026-5482

Responsive FileManager allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint...

Tecrail Responsive FileManager 9.14.0 CVE
CRITICAL 9.2 CVE-2026-49757

OAuth2/OIDC account takeover in AshAuthentication via email-based user matching_CVE-2026-49757

Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication allows account takeover of local users via OAuth2/OIDC sign-in. ...

team-alembic ash_authentication 0.1.0 CVE
CRITICAL 9.1 FC17B1E5-1DBA-

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Treck Tcp/Ip_FC17B1E5-1DBA-5684-A537-D7493B9D3AEA

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 FB7C6A6C-C89F-

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os_FB7C6A6C-C89F-5CF5-BC7F-79EAF5F42258

CVE-2026-0257 testing...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.2 90F0A8EE-51A7-

Exploit for CVE-2026-42945_90F0A8EE-51A7-5AC2-8C97-EEBEED5A9E9B

CVE-2026-42945 — NGINX Rift Critical heap buffer overflow in NGINX's ngx_http_rewrite_module, present since 2008 version 0.6.27. Allows unauthenticate...

N/A N/A GITHUBEXPLOIT