CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-11718	CVE-2026-11718_CVE-2026-11718 An authentication bypass vulnerability exists in the generic opaque token validation path (validateOpaqueToken) of googleapis/mcp-toolbox. When th...	Google	MCP Toolbox for Databases (googleapis/mcp-toolbox) 1.0.0	Jun 18, 2026	CVE
CRITICAL 9.3	CVE-2026-11717	CVE-2026-11717_CVE-2026-11717 An authentication bypass vulnerability exists in the generic opaque token validation path (validateOpaqueToken) of googleapis/mcp-toolbox. When ve...	Google	MCP Toolbox for Databases (googleapis/mcp-toolbox) 1.0.0	Jun 18, 2026	CVE
CRITICAL 9.8	63792567-6E10-	Exploit for Improper Input Validation in Hoverfly_63792567-6E10-52EB-9FBC-843EABF2AB52 No description provided...	N/A	N/A	Jun 18, 2026	GITHUBEXPLOIT
CRITICAL 9.3	CVE-2026-48768	TypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileName_CVE-2026-48768 TypeBot is a chatbot builder tool. In versions 3.16.1 and earlier, POST /api/blocks/file-input/v3/generate-upload-url is unauthenticated and uses u...	baptisteArno	typebot.io < 3.17.0	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-12569	Remote Code Execution (RCE) vulnerability in Windchill PDMlink_CVE-2026-12569 A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited...	PTC	Windchill PDMLink	Jun 18, 2026	CVE
CRITICAL 9.8	9FE6A20B-74FB-	Exploit for Unrestricted Upload of File with Dangerous Type in Eclipse Business_Intelligence_And_Reporting_Tools_9FE6A20B-74FB-5120-9B1F-6A63ED38C6E3 CVE-2021-34427 Windows POC for CVE-2021-34427 affecting Birt Viewer Tested on Birt 4.8.0 Built with Claude Based on research here: https://bugs.ecl...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.8	AVLEONOV:CC3D65...	June “In the Trend of VM” (#28): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities_AVLEONOV:CC3D65635446B497749DDD41CFC7A7F3 ![June In the Trend of VM \(#28\): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities](https://avleonov.com/wp-content...	N/A	N/A	Jun 17, 2026	AVLEONOV
CRITICAL 9.3	38CC0676-948A-	Exploit for Cross-site Scripting in Roundcube Webmail_38CC0676-948A-5269-9162-8B92F853D747 CVE-2024-42009 — Roundcube Webmail 1.6.6 Stored XSS PoC For authorised security testing, CTF environments, and educational research only. Using thi...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.3	C5EFE23A-E7AE-	Exploit for CVE-2015-10141_C5EFE23A-E7AE-5AC1-BCD5-1817788E4C5B CVE-2015-10141...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.2	CVE-2026-55200	libssh2 – Out-of-Bounds Write via Unchecked packet_length in transport.c_CVE-2026-55200 libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce upper ...	libssh2	libssh2	Jun 17, 2026	CVE