CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	THN:6B787AC9D1F...	Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week_THN:6B787AC9D1F1066F097548000F8A1B03 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisozpc0YfCvHjGAyEZf7c1G10iEOgszA-mkIIrhG3A4VYcq8_Hih8U0hO66iBoDPPJZhfq7Dc3fGTsMLDiFi...	N/A	N/A	Jun 16, 2026	THN
CRITICAL 9.9	0EC1604B-E72F-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Portainer_0EC1604B-E72F-5EC0-A160-6417C6A48750 CVE-2026-44881 — Portainer Git Symlink → Arbitrary Host File Read Single-script exploit for CVE-2026-44881, a Git symlink injection in Portainer's ...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.9	C39D709A-5707-	Exploit for Use After Free in Redis_C39D709A-5707-512E-A49D-440E35D65CDB CVE-2025-49844 - RediShell Use-after-free in Redis Lua scripting leading to remote code execution. Summary of the CVE Redis is an open source, in-m...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.8	F2E78F8B-FFD9-	Exploit for OS Command Injection in Redhat Openshift_Container_Platform_F2E78F8B-FFD9-57F2-B246-315C95294897 Usage: For anonymos login: python3 exploit.py --lhost --lport -t -N it is for anonymous login Login via credentials: python3 exploit.py --lhost --l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.3	1887B5CB-F35E-	Exploit for Improper Authentication in Checkpoint Gaia_Os_1887B5CB-F35E-509F-992F-1B55A688FF1D CVE-2026-50751 Scanner Multi-target detection scanner for CVE-2026-50751 -- Check Point IKEv1 Remote Access VPN certificate-authentication bypass. ...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.9	CVE-2026-40750	WordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerability_CVE-2026-40750 Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This ...	themagnifico52	Kids Online Store n/a	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-52715	WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability_CVE-2026-52715 Unauthenticated SQL Injection in GEO my WordPress	Eyal Fitoussi	GEO my WordPress n/a	Jun 16, 2026	CVE
CRITICAL 9.9	CVE-2026-49774	WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability_CVE-2026-49774 Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects...	Filipe Nasc	RD Station n/a	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-49772	WordPress The Events Calendar plugin 6.15.12-6.16.2 – SQL Injection vulnerability_CVE-2026-49772 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Liquid Web / StellarWP The Events Calendar al...	Liquid Web / StellarWP	The Events Calendar 6.15.12	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-39574	WordPress InPost Gallery plugin <= 2.1.4.6 - SQL Injection vulnerability_CVE-2026-39574 Unauthenticated SQL Injection in InPost Gallery	RealMag777	InPost Gallery n/a	Jun 16, 2026	CVE