Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-43872	actual-server has a path traversal vulnerability_CVE-2026-43872 Actual is an open-source personal finance application. Prior to version 26.5.0, several endpoints are affected by a path traversal vulnerability. V...	actualbudget	actual < 26.5.0	Jun 12, 2026	CVE
MEDIUM 4.8	CVE-2026-42890	actual Allows Electron to Run As Node_CVE-2026-42890 Actual is an open-source personal finance application. In the macOS desktop application version 25.x (built on Electron 39.2.7), the ELECTRON_RUN_A...	actualbudget	actual < 26.5.0	Jun 12, 2026	CVE
MEDIUM 6.9	CVE-2026-42604	Actual has an OpenID `client_secret` Disclosure via Broken Authorization Guard in `/openid/config`_CVE-2026-42604 Actual is a local-first personal finance tool. The `POST /openid/config` endpoint in Actual Budget's sync-server versions	actualbudget	actual < 26.5.0	Jun 12, 2026	CVE
NONE	THN:5C34458EBFD...	Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing_THN:5C34458EBFD9848C62C4030F3B3ADF88 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2VG_lHXgOeahfKoUs6hQ7fOmh-dK1ZGloqzAWilTU73LKJF5mBDqw4OSpU8ViE0NEI1iW4cNS5vyz4TpqoJ...	N/A	N/A	Jun 12, 2026	THN
HIGH 7.8	58E729A1-1305-	Exploit for Use After Free in Linux Linux_Kernel_58E729A1-1305-508A-A366-27ECA7ADF232 CVE-2026-23111 Auto-Root VM Testing Local privilege escalation exploit for CVE-2026-23111 — Linux kernel nftables use-after-free via inverted ! in ...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
CRITICAL 10	MSF:EXPLOIT-LINUX-	Paperclip AI RCE using a chain of six API calls (CVE-2026-41679)._MSF:EXPLOIT-LINUX-HTTP-PAPERCLIPAI_UNAUTH_RCE_CVE_2026_41679- Paperclip is the operating system for your AI company. You set the goals, hire AI agents as employees, and watch them plan and execute work. Prior ...	N/A	N/A	Jun 12, 2026	METASPLOIT
HIGH 8.8	428AF504-46AA-	aetherion_428AF504-46AA-5342-B996-9B28AD7932B2 /\ \| \| \| \| \| \| / \ \| \|\| \| \| \| / /\ \ \| \| \ / \ \| \\| \| / \ \| \ / \ \| \|\| \| \| \| / \| \| \| \| \|\| \|\| \| \| \| // \\ \\|\| \|\|\\| \|\| \|\|\| \/ \|\| \|\| Aetherion Android...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
MEDIUM 6.7	THN:8A77AE01FE4...	China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade_THN:8A77AE01FE4F3132EEE7710ECBA05C6E ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxJqmKAQv_I_7JkmQwoIVSx2BkRPUEb9TTNOd2RkNqTg3tcLyZszN8KiXfUUeIBSPSoxjzMAn2inE6TL791l...	N/A	N/A	Jun 12, 2026	THN
NONE	26E3C9F4-BB6B-	sbom-risk-analyzer_26E3C9F4-BB6B-5FF9-AAB9-9A2A07DAD98A SBOM-Risk-Analyzer Exploitability-weighted vulnerability prioritization for software bills of materials. --- Abstract Severity scores CVSS describe...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT
NONE	24C26077-B16A-	katex-xss-test_24C26077-B16A-5313-96B8-E08C7903EAD5 KaTeX render test Inline href: $\hrefjavascript:alertdocument.domainCLICK-XSS$ htmlData: $\htmlDatafoo=barx$ htmlId: $\htmlIdpwny$ htmlClass: $\htm...	N/A	N/A	Jun 12, 2026	GITHUBEXPLOIT