CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.8	CVE-2026-50708	Frappe Framework 17.0.0-dev – Stored XSS in Multi Select Dialog result rendering_CVE-2026-50708 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50705	Frappe Framework 17.0.0-dev – Stored XSS in Form Dashboard headline rendering_CVE-2026-50705 A Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the F...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50704	Frappe Framework 17.0.0-dev – Reflected/Stored XSS in File View breadcrumbs rendering_CVE-2026-50704 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50703	Frappe Framework 17.0.0-dev – Stored XSS in Desktop Icon label rendering_CVE-2026-50703 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 5.1	CVE-2026-50701	Frappe Framework 17.0.0-dev – Reflected DOM XSS in dashboard-view breadcrumb rendering_CVE-2026-50701 A Reflected Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlle...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50700	Frappe Framework 17.0.0-dev – Stored XSS in frappe.get_avatar image rendering_CVE-2026-50700 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
CRITICAL 9.8	9FE7E8BC-4FDD-	Exploit for Out-of-bounds Write in Fortinet Fortiproxy_9FE7E8BC-4FDD-5C40-A866-41D14FB4E0CD CVE-2024-21762 - FortiOS SSL VPN Out-of-Bounds Write Overview \| Field \| Value \| \|-------\|-------\| \| CVE \| CVE-2024-21762 \| \| Advisory \| FG-IR-24-01...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	313C0238-45FD-	Exploit for CVE-2026-12416_313C0238-45FD-59C7-9A09-F1668F7DFE47 CVE-2026-12416-CVE-2026-12417 Unauthenticated Account Takeover via Weak Password Reset Validation via 'resetuserid' Parameter \| Unauthenticated Pri...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
NONE	HACKREAD:614136...	Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords_HACKREAD:6141367662A6D7A675D4167ED30B5E35 JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection...	N/A	N/A	Jun 24, 2026	HACKREAD
HIGH 7.7	CVE-2026-9710	Themeco Cornerstone < 7.8.8 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Password Hash Disclosure_CVE-2026-9710 The Cornerstone WordPress plugin before 7.8.8 does not enforce capability checks on one of its CSS-preview request handlers, and exposes the nonce ...	Unknown	Cornerstone 3.0.0	Jun 24, 2026	CVE