CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	38CC0676-948A-	Exploit for Cross-site Scripting in Roundcube Webmail_38CC0676-948A-5269-9162-8B92F853D747 CVE-2024-42009 — Roundcube Webmail 1.6.6 Stored XSS PoC For authorised security testing, CTF environments, and educational research only. Using thi...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.3	C5EFE23A-E7AE-	Exploit for CVE-2015-10141_C5EFE23A-E7AE-5AC1-BCD5-1817788E4C5B CVE-2015-10141...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.2	CVE-2026-55200	libssh2 – Out-of-Bounds Write via Unchecked packet_length in transport.c_CVE-2026-55200 libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce upper ...	libssh2	libssh2	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-54388	Tinyproxy – HTTP Request Smuggling via Duplicate Content-Length Headers_CVE-2026-54388 Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwa...	tinyproxy	tinyproxy	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-54387	Tinyproxy – HTTP Request Smuggling via CL/TE Desynchronization_CVE-2026-54387 Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding...	tinyproxy	tinyproxy	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-48814	Network-AI: Empty default secret still authorizes all requests (Incomplete fix for CVE-2026-46701)_CVE-2026-48814 Network-AI is a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the MCP SSE server allows unauthenticated cross-origin ...	Jovancoding	Network-AI < 5.7.2	Jun 17, 2026	CVE
CRITICAL 9.8	4D212348-0CE4-	Exploit for Argument Injection in Gnu Inetutils_4D212348-0CE4-5BBD-86E0-05C3D2BF492E CVE-2026-24061 — Reproduction Lab ⚠️ For educational purposes only. Isolated lab environment. Français ci-dessous --- Summary Critical authenticati...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.8	MSSECURE:00B5F0...	Beyond the benchmark: Advancing security at AI speed_MSSECURE:00B5F0DA128161763042D52D4210A2E0 In this article 1. From the lab into the pipeline 2. This month’s set of discoveries 3. Beyond the headline: What the engineering work taugh...	N/A	N/A	Jun 17, 2026	MSSECURE
CRITICAL 9.8	515FB960-2EB4-	Exploit for OS Command Injection in Buffalo Open_Xdmod_515FB960-2EB4-5167-8796-0AA62D6B62A4 CVE-2026-45777 CVE-2026-45777 PoC...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-36418	CVE-2026-36418_CVE-2026-36418 JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeS...	n/a	n/a n/a	Jun 17, 2026	CVE