CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-50873	CVE-2026-50873_CVE-2026-50873 An arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4 allows attackers to execute arbitrary code via uplo...	flatnotes	flatnotes v5.5.4	Jun 15, 2026	CVE
CRITICAL 9.8	THN:6B787AC9D1F...	Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week_THN:6B787AC9D1F1066F097548000F8A1B03 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisozpc0YfCvHjGAyEZf7c1G10iEOgszA-mkIIrhG3A4VYcq8_Hih8U0hO66iBoDPPJZhfq7Dc3fGTsMLDiFi...	N/A	N/A	Jun 16, 2026	THN
CRITICAL 9.9	0EC1604B-E72F-	Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Portainer_0EC1604B-E72F-5EC0-A160-6417C6A48750 CVE-2026-44881 — Portainer Git Symlink → Arbitrary Host File Read Single-script exploit for CVE-2026-44881, a Git symlink injection in Portainer's ...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.9	C39D709A-5707-	Exploit for Use After Free in Redis_C39D709A-5707-512E-A49D-440E35D65CDB CVE-2025-49844 - RediShell Use-after-free in Redis Lua scripting leading to remote code execution. Summary of the CVE Redis is an open source, in-m...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.8	F2E78F8B-FFD9-	Exploit for OS Command Injection in Redhat Openshift_Container_Platform_F2E78F8B-FFD9-57F2-B246-315C95294897 Usage: For anonymos login: python3 exploit.py --lhost --lport -t -N it is for anonymous login Login via credentials: python3 exploit.py --lhost --l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.3	1887B5CB-F35E-	Exploit for Improper Authentication in Checkpoint Gaia_Os_1887B5CB-F35E-509F-992F-1B55A688FF1D CVE-2026-50751 Scanner Multi-target detection scanner for CVE-2026-50751 -- Check Point IKEv1 Remote Access VPN certificate-authentication bypass. ...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
CRITICAL 9.9	CVE-2026-40750	WordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerability_CVE-2026-40750 Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This ...	themagnifico52	Kids Online Store n/a	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-52715	WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability_CVE-2026-52715 Unauthenticated SQL Injection in GEO my WordPress	Eyal Fitoussi	GEO my WordPress n/a	Jun 16, 2026	CVE
CRITICAL 9.9	CVE-2026-49774	WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability_CVE-2026-49774 Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects...	Filipe Nasc	RD Station n/a	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-49772	WordPress The Events Calendar plugin 6.15.12-6.16.2 – SQL Injection vulnerability_CVE-2026-49772 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Liquid Web / StellarWP The Events Calendar al...	Liquid Web / StellarWP	The Events Calendar 6.15.12	Jun 16, 2026	CVE