HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.6	CVE-2026-41234	Froxlor: BIND Zone File Injection via TXT Record Content_CVE-2026-41234 Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline charact...	froxlor	froxlor < 2.3.7	Jun 4, 2026	CVE
HIGH 8.6	THN:3045B0C60DC...	Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public_THN:3045B0C60DCD251B7744C460F8FD4A2C ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6_xkmI_c8KreZ4cr2oC9gHJERU9xWsLGDrCNCaB11IQVGmJ-r0MYUjqGllvOFc0IVwGYBqnzLJl96WBTSVX...	N/A	N/A	Jun 4, 2026	THN
HIGH 7.1	CVE-2026-8874	CVE-2026-8874_CVE-2026-8874 Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via t...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
HIGH 7.1	CVE-2026-36176	CVE-2026-36176_CVE-2026-36176 GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. This allows physica...	n/a	n/a n/a	Jun 4, 2026	CVE
HIGH 8.8	CVE-2026-5228	Improper Access Control in Kurt Software Studio’s WriteUp Mobile App_CVE-2026-5228 Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly...	Kurt Software Studio	WriteUp Mobile App 1.3.0	Jun 4, 2026	CVE
HIGH 7.5	CVE-2026-8879	CVE-2026-8879_CVE-2026-8879 Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScript...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
HIGH 7.5	CVE-2026-8878	CVE-2026-8878_CVE-2026-8878 Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. T...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
HIGH 7.3	CVE-2026-8876	CVE-2026-8876_CVE-2026-8876 Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyw...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
HIGH 7.5	CVE-2026-8829	HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities_CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities c...	OALDERS	HTML::Entities	Jun 4, 2026	CVE
HIGH 8.7	CVE-2026-45433	Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models_CVE-2026-45433 This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacke...	GX INDIA	GX Earth 2022 version E2022 - 3.1.2A	Jun 4, 2026	CVE