CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-54387	Tinyproxy – HTTP Request Smuggling via CL/TE Desynchronization_CVE-2026-54387 Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding...	tinyproxy	tinyproxy	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-48814	Network-AI: Empty default secret still authorizes all requests (Incomplete fix for CVE-2026-46701)_CVE-2026-48814 Network-AI is a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the MCP SSE server allows unauthenticated cross-origin ...	Jovancoding	Network-AI < 5.7.2	Jun 17, 2026	CVE
CRITICAL 9.8	4D212348-0CE4-	Exploit for Argument Injection in Gnu Inetutils_4D212348-0CE4-5BBD-86E0-05C3D2BF492E CVE-2026-24061 — Reproduction Lab ⚠️ For educational purposes only. Isolated lab environment. Français ci-dessous --- Summary Critical authenticati...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.8	MSSECURE:00B5F0...	Beyond the benchmark: Advancing security at AI speed_MSSECURE:00B5F0DA128161763042D52D4210A2E0 In this article 1. From the lab into the pipeline 2. This month’s set of discoveries 3. Beyond the headline: What the engineering work taugh...	N/A	N/A	Jun 17, 2026	MSSECURE
CRITICAL 9.8	515FB960-2EB4-	Exploit for OS Command Injection in Buffalo Open_Xdmod_515FB960-2EB4-5167-8796-0AA62D6B62A4 CVE-2026-45777 CVE-2026-45777 PoC...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-36418	CVE-2026-36418_CVE-2026-36418 JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeS...	n/a	n/a n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-53805	NVIDIA SIL GEN3C Unauthenticated RCE via Pickle Deserialization in Inference API_CVE-2026-53805 NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an unauthenticated remote code execution vulnerability in the inference API server where the...	nv-tlabs	GEN3C	Jun 17, 2026	CVE
CRITICAL 9.2	CVE-2026-3894	Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers._CVE-2026-3894 Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from...	RTI	Connext Professional 7.4.0	Jun 17, 2026	CVE
CRITICAL 9.2	CVE-2026-2467	Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags._CVE-2026-2467 Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext...	RTI	Connext Professional 7.4.0	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-20266	OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit_CVE-2026-20266 In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Spl...	Splunk	Splunk AI Toolkit 5.7	Jun 17, 2026	CVE