CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	776C9ED4-3841-	Exploit for Code Injection in Craftcms Craft_Cms_776C9ED4-3841-5FC1-B7D1-370CEAB62FAB PoCCVE-2025-32432 CraftCMS CVE-2025-32432 - Clean PoC Version nettoyée et améliorée du PoC original. Crédits - Recherche originale : Orange Cyberde...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	61C38206-1C85-	cve-research-agent_61C38206-1C85-5ACA-A29E-1B8B1036B563 CVE Research Agent A CVE research agent built on Claude Code + MCP. Give it a CVE ID and a vulnerable source tree — it fetches the metadata, analyz...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-12417	SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover_CVE-2026-12417 The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in v...	pravel	SignUp & SignIn	Jun 24, 2026	CVE
CRITICAL 9.8	CVE-2026-12416	Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter_CVE-2026-12416 The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This i...	pravel	Invoice Generator	Jun 24, 2026	CVE
CRITICAL 10	59505BC0-DE3A-	MCATester_59505BC0-DE3A-56CF-96BF-33C4639271E6 MCATester — AI-Powered OSINT & Vulnerability Discovery Platform Built during a security research internship at the National e-Governance Division N...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.1	CVE-2026-12851	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12851 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12850	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12850 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12849	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12849 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12848	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12848 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12847	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12847 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE