HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2026-10795	UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc_CVE-2026-10795 The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.2...	davidanderson	UpdraftPlus: WP Backup & Migration Plugin	Jun 11, 2026	CVE
HIGH 7.8	D6A93691-F8DB-	overflow_exploit_framework_D6A93691-F8DB-5F5D-A462-8943071573F9 kernel-research — Framework CVE overflow Usage éducatif uniquement. Structure kernel-research/ ├── framework/ │ ├── Dockerfile.base ← image Docker ...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 8.1	58222AF9-E3B1-	Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple_58222AF9-E3B1-5F41-A4D5-DADB0DA5111F poc-CVE-2019-9053 PoC didático em Python 3 para a CVE-2019-9053, uma SQL Injection time-based blind no CMS Made Simple = 2.2.9. Esta versão foi ada...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 8.1	F11C41A7-4DE7-	Exploit for Type Confusion in Google Chrome_F11C41A7-4DE7-55FE-9CEE-BFF8F14A09D7 SSD Advisory – Google Chrome RCE Source: ssd-disclosure.com/ssd-advisory-google-chrome-rce Summary A critical remote code execution vulnerability i...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 7.6	98D7FC0C-3955-	Exploit for Improper Authentication in Pocketbase_98D7FC0C-3955-56D1-8337-74FE94A341E4 CVE-2026-44166 — PocketBase OAuth2 Account Pre-Hijacking Self-contained lab + writeup for CVE-2026-44166: an attacker with any account on a configu...	N/A	N/A	Jun 11, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-53461	ImageMagick: Out-of-bounds write in ICON decoder due to incorrect loop_CVE-2026-53461 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorre...	ImageMagick	ImageMagick < 6.9.13-50	Jun 10, 2026	CVE
HIGH 7.5	CVE-2026-53460	ImageMagick: Policy Bypass can trigger out-of-Memory condition_CVE-2026-53460 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing ...	ImageMagick	ImageMagick < 6.9.13-50	Jun 10, 2026	CVE
HIGH 7.5	CVE-2026-52726	Dulwich’s submodule path traversal in porcelain.submodule_update / porcelain.clone(recurse_submodules=True) yields RCE via attacker-dropped .git/hooks payload_CVE-2026-52726 Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, `dulwich.porc...	jelmer	dulwich >= 0.23.2, < 1.2.5	Jun 10, 2026	CVE
HIGH 7.5	CVE-2026-49218	ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions_CVE-2026-49218 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing ...	ImageMagick	ImageMagick < 6.9.13-48	Jun 10, 2026	CVE
HIGH 8.8	CVE-2026-44693	Pi-hole FTL: Unauthenticated Session Hijacking via Race Condition on Global Session Buffer_CVE-2026-44693 Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. Prior to version 6.6.1, Pi-hole FTL contains a race ...	pi-hole	FTL < 6.6.1	Jun 10, 2026	CVE