Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.8 CVE-2026-6240

Authenticated Stack-based Buffer Overflow in ONVIF DeleteUsers Service on TP-Link Tapo C520WS_CVE-2026-6240

A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when han...

TP-Link Systems Inc. Tapo C520WS v2 CVE
MEDIUM 6.8 CVE-2026-6239

Authenticated Stack-based Buffer Overflow in ONVIF CreateUsers Service in TP-Link Tapo C520WS_CVE-2026-6239

A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate ...

TP-Link Systems Inc. Tapo C520WS v2 CVE
HIGH 7 CVE-2026-34123

Whitelist Validation Bypass in TP-Link Tapo C520WS_CVE-2026-34123

On Tapo C520WS v2, restricted accounts (for example, hub users) are intended to execute only a limited set of low‑sensitivity operations. Due to a ...

TP-Link Systems Inc. Tapo C520WS v2 CVE
NONE FC7A6C9A-3171-

ccdd-poc_FC7A6C9A-3171-59C6-9828-21470DFE1CF9

ccdd-poc — Where is the limit of an issue solver with a small model? A series of POCs that measure, rather than opine on, the viability of the architecture ...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 3DCD9D30-4F52-

Exploit for Deserialization of Untrusted Data in Facebook React_3DCD9D30-4F52-556E-8799-B5F055F48E4B

React2Shell CVE-2025-55182 Next.js: CVE-2025-66478 Unauthenticated RCE in React Server Components Flight Protocol - PoC Exploit Description React Se...

N/A N/A GITHUBEXPLOIT
HIGH 8.3 CVE-2026-11431

Path Traversal in Altium Projects Service Allows Arbitrary File Read_CVE-2026-11431

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated...

Altium Altium Enterprise Server CVE
CRITICAL 9.4 CVE-2026-11429

Path Traversal in Altium Git Service Allows Remote Code Execution_CVE-2026-11429

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequenc...

Altium Altium Enterprise Server CVE
HIGH 8.3 CVE-2026-11424

Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure_CVE-2026-11424

A server-side request forgery (SSRF) vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An auth...

Altium Altium Enterprise Server CVE
HIGH 8.1 CVE-2026-11416

MoviePilot Path Traversal via Cloud Storage Download Handlers_CVE-2026-11416

MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path...

jxxghp MoviePilot CVE
MEDIUM 6.9 CVE-2026-45409

Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix_CVE-2026-45409

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Uni...

kjd idna < 3.15 CVE