CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	D4275D24-A482-	GumVulns_D4275D24-A482-561B-8402-1DE456184863 GumVulns A single-file PHP CLI that searches many vulnerability APIs in parallel and returns a normalized record for each hit: CVE id, description,...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
CRITICAL 9.2	PACKETSTORM:223892	📄 HP Poly Voice Unauthenticated Remote Code Execution_PACKETSTORM:223892 CVE-2026-0826 is a critical unauthenticated stack-based buffer overflow vulnerability affecting all models in the VVX series VVX 150, VVX 250, VVX ...	N/A	N/A	Jun 19, 2026	PACKETSTORM
CRITICAL 9.3	CVE-2026-56081	Cap-go – Account Lockout via 2FA Misconfiguration on Unverified Email_CVE-2026-56081 Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email addres...	Cap-go	capgo	Jun 19, 2026	CVE
CRITICAL 9.3	CVE-2026-56073	Cap-go – OTP Bypass via Response Manipulation in Email Verification_CVE-2026-56073 Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by mo...	Cap-go	capgo	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-11551	Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover_CVE-2026-11551 The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is du...	wpmudev	Branda – White Label & Branding, Free Login Page Customizer	Jun 19, 2026	CVE
CRITICAL 9.6	MS:CVE-2026-12440	CVE-2026-12440 Use after free in DigitalCredentials_MS:CVE-2026-12440 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
CRITICAL 9.8	CVE-2026-48773	ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling_CVE-2026-48773 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption ...	sysown	proxysql >= 2.0.18, < 3.0.9	Jun 19, 2026	CVE
CRITICAL 10	CVE-2026-48772	ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL_CVE-2026-48772 ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY...	sysown	proxysql >= 2.0.0, < 3.0.9	Jun 19, 2026	CVE
CRITICAL 9.9	CVE-2026-48584	Microsoft Azure Synapse Elevation of Privilege Vulnerability_CVE-2026-48584 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:27:48.494Z”,&#82...	Microsoft	Azure Synapse -	Jun 19, 2026	CVE
CRITICAL 9.6	CVE-2026-48582	Microsoft Exchange Online Elevation of Privilege Vulnerability_CVE-2026-48582 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:29:41.615Z”,&#82...	Microsoft	Microsoft Exchange Online -	Jun 19, 2026	CVE