CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-56209	Libaom: libaom: arbitrary address write via svc layer context oob and cyclic refresh map pointer hijack_CVE-2026-56209 An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable V...	Red Hat	Red Hat Enterprise Linux 10	Jun 19, 2026	CVE
CRITICAL 9.8	78CF8AD6-3E6A-	ghost-bits-toolkit_78CF8AD6-3E6A-58B5-B3C4-2D259401D82F Ghost Bits Toolkit Java Ghost Bits Vulnerability Detection and Exploitation Toolset. Vulnerability Background Ghost Bits is a security vulnerabilit...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
CRITICAL 9.1	703A79DC-60E9-	Exploit for Improper Authorization in Apache Tomcat_703A79DC-60E9-5AC8-928B-96E9607FCF0C CVE-2026-43515 — Apache Tomcat Security Constraint Bypass Exploitability verdict: confirmed exploitable. A POST request to a resource protected by ...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
CRITICAL 9	CVE-2026-55203	HAProxy – Integer Overflow in FCGI Demux Record Length Field_CVE-2026-55203 HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffe...	haproxy	haproxy	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-54103	U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38717	CVE-2026-38717_CVE-2026-38717 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38716	CVE-2026-38716_CVE-2026-38716 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38715	CVE-2026-38715_CVE-2026-38715 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38714	CVE-2026-38714_CVE-2026-38714 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.3	CVE-2026-54390	JTL Shop < 5.7.2 Server-Side Template Injection via Smarty Renderer_CVE-2026-54390 JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject malic...	JTL Software	JTL Shop 5.0.0	Jun 18, 2026	CVE