HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-49486	Apache Airflow FTP provider: FTP Provider does not protect FTPS data channel (missing PROT_P)_CVE-2026-49486 The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control...	Apache Software Foundation	Apache Airflow FTP provider	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-11702	Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes_CVE-2026-11702 Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before for...	DAVIDO	Bytes::Random::Secure::Tiny	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-11625	Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes_CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, o...	DAVIDO	Bytes::Random::Secure	Jun 26, 2026	CVE
HIGH 7.3	CVE-2026-57915	Apache Kerby: Kerberos Pre-Authentication Bypass_CVE-2026-57915 It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users...	Apache Software Foundation	Apache Kerby	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57667	WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability_CVE-2026-57667 Sales Representative SQL Injection in Groundhogg	Adrian Tobey	Groundhogg n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57663	WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability_CVE-2026-57663 Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes	Igor Benic	Recipe Maker For Your Food Blog from Zip Recipes n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57662	WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability_CVE-2026-57662 Contributor SQL Injection in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2026-57659	WordPress Paid Memberships Pro – Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57659 Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin	Stranger Studios	Paid Memberships Pro - Add Member From Admin 0.7.2	Jun 26, 2026	CVE
HIGH 8.2	CVE-2026-57655	WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57655 Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard	Jay Versluis	Child Theme Wizard n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57653	WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability_CVE-2026-57653 Contributor SQL Injection in WP Job Portal	wpjobportal	WP Job Portal n/a	Jun 26, 2026	CVE