HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-54824	WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability_CVE-2026-54824 Unauthenticated Sensitive Data Exposure in Ads by WPQuads	Ads WPQuads	Ads by WPQuads n/a	Jun 26, 2026	CVE
HIGH 7.8	CVE-2026-45257	Arbitrary file overwrite via the KTLS receive path_CVE-2026-45257 The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assump...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-30041	CVE-2026-30041_CVE-2026-30041 An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Servi...	n/a	n/a n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2025-68064	WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability_CVE-2025-68064 Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.	Everthemess	Goya Core n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2025-68063	WordPress Splash – Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability_CVE-2025-68063 Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey	StylemixThemes	Splash - Sport Club WordPress Theme for Basketball, Football, Hockey n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2025-68052	WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2025-68052 Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking	Eagle-Themes	Eagle Booking n/a	Jun 26, 2026	CVE
HIGH 7.2	CVE-2026-9640	LXD Snapshot Import Privilege Escalation Vulnerability_CVE-2026-9640 A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of proj...	Canonical	LXD 5.21.0	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-47214	Docling: Unsafe URI and Path Handling in HTML Backend_CVE-2026-47214 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the...	docling-project	docling < 2.94.0	Jun 26, 2026	CVE
HIGH 8.4	CVE-2026-12411	Broken Access Control in Canonical LXD DevLXD API_CVE-2026-12411 Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another ...	Canonical	lxd 6.6	Jun 26, 2026	CVE
HIGH 8.7	CVE-2026-57518	Pagekit CMS 1.0.18 Privilege Escalation via UserApiController_CVE-2026-57518 Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escala...	pagekit	pagekit 1.0.18	Jun 26, 2026	CVE