metasploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	MSF:EXPLOIT-LINUX-	openDCIM install.php SQL Injection to RCE_MSF:EXPLOIT-LINUX-HTTP-OPENDCIM_INSTALL_SQLI_RCE- This module exploits a SQL injection vulnerability in openDCIM's install.php endpoint CVE-2026-28515 to achieve remote code execution. The install....	N/A	N/A	Apr 15, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Windows Persistence Bits Job_MSF:EXPLOIT-WINDOWS-PERSISTENCE-BITS- This module establishes persistence through a BITS job that downloads and executes a payload. Background Intelligent Transfer Service BITS is a Win...	N/A	N/A	Apr 15, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Powershell Profile Persistence_MSF:EXPLOIT-WINDOWS-PERSISTENCE-POWERSHELL_PROFILE- This module establishes persistence by modifying a PowerShell profile script, which is automatically executed when PowerShell starts. The module su...	N/A	N/A	Apr 15, 2026	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	Selenium Grid/Selenoid Unauthenticated RCE_MSF:EXPLOIT-LINUX-HTTP-SELENIUM_GREED_RCE- Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authenti...	N/A	N/A	Apr 14, 2026	METASPLOIT
CRITICAL 9.8	MSF:AUXILIARY-GATHER-	AVideo Unauthenticated SQL Injection Credential Dump_MSF:AUXILIARY-GATHER-AVIDEO_CATNAME_SQLI- AVideo use auxiliary/gather/avideocatnamesqli msf auxiliaryavideocatnamesqli show actions ...actions... msf auxiliaryavideocatnamesqli set ACTION m...	N/A	N/A	Apr 10, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Windows Registry Active Setup Persistence_MSF:EXPLOIT-WINDOWS-PERSISTENCE-REGISTRY_ACTIVE_SETUP- This module will register a payload to run via the Active Setup mechanism in Windows. Active Setup is a Windows feature that runs once per user at ...	N/A	N/A	Feb 20, 2026	METASPLOIT
CRITICAL 9.8	MSF:EXPLOIT-MULTI-	WordPress StoryChief Plugin Unauthenticated RCE_MSF:EXPLOIT-MULTI-HTTP-WP_PLUGIN_STORY_CHEF_FILE_UPLOAD- This module exploits an unauthenticated arbitrary file upload vulnerability in the StoryChief WordPress plugin use exploit/multi/http/wppluginstory...	N/A	N/A	Feb 19, 2026	METASPLOIT
NONE	MSF:EXPLOIT-LINUX-	Emacs Extension Persistence_MSF:EXPLOIT-LINUX-PERSISTENCE-EMACS_EXTENSION- This module adds a lisp based malicious extension to the emacs configuration file. When emacs is opened, the extension will be loaded and the paylo...	N/A	N/A	Feb 18, 2026	METASPLOIT
NONE	MSF:EXPLOIT-WINDOWS-	Windows Registry Persistence via Userinit_MSF:EXPLOIT-WINDOWS-PERSISTENCE-REGISTRY_USERINIT- This module will install a payload that is executed during user logon. It writes a payload executable to disk and modifies the Userinit registry va...	N/A	N/A	Feb 18, 2026	METASPLOIT
CRITICAL 10	MSF:AUXILIARY-GATHER-	n8n arbitrary file read_MSF:AUXILIARY-GATHER-NI8MARE_CVE_2026_21858- This module exploits CVE-2026-21858, a critical unauthenticated remote code execution vulnerability in n8n workflow automation platform versions 1....	N/A	N/A	Feb 16, 2026	METASPLOIT