Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 65E0C16C-7DAE-

eCPPT-Penetration-Testing-Reports_65E0C16C-7DAE-5E13-820B-B2415659245F

eCPPT Penetration Testing Reports Penetration testing lab reports and CTF writeups documenting offensive security techniques, vulnerability exploit...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.6 CVE-2026-32625

LibreChat Exfiltrates Server Secrets via MCP Server URL Injection_CVE-2026-32625

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol (MCP)...

danny-avila LibreChat < 0.8.4-rc1 CVE
CRITICAL 9.8 CVE-2026-49448

authentik: SourceStage bypass via empty POST_CVE-2026-49448

authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be bypassed by sending an ...

goauthentik authentik < 2025.12.6 CVE
CRITICAL 9.3 CVE-2026-42849

authentik: Reflected XSS in SFE AutosubmitStage allows IDP account takeover_CVE-2026-42849

authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, due to the implementation of stages in the SFE (Simple Flo...

goauthentik authentik < 2025.12.5 CVE
CRITICAL 9.8 018B5871-29BC-

Exploit for Stack-based Buffer Overflow in Microsoft_018B5871-29BC-5EF3-B24E-99416F43FF2C

CVE-2026-41089 — SentinelCore Defensive Toolkit Python 3 toolkit to detect and remediate exposure to CVE-2026-41089 on Windows Domain Controllers. ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 CVE-2026-10629

CVE-2026-10629_CVE-2026-10629

SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Secur...

Verizon VoLTE UNKNOWN CVE
CRITICAL 9.8 CVE-2026-5076

ARMember Premium <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation_CVE-2026-5076

The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The pl...

armember ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup CVE
CRITICAL 9.8 PACKETSTORM:222477

Samba SMB Printer Queue Command Injection / Remote Task Delivery_PACKETSTORM:222477

This Python script is a structured exploitation framework targeting Samba print services exposed over SMB port 445. It focuses on printer-share int...

N/A N/A PACKETSTORM
CRITICAL 9.8 PACKETSTORM:222450

Drupal core 10.5.5 SQL Injection_PACKETSTORM:222450

This proof of concept demonstrates an error-based remote SQL injection vulnerability in Drupal core version 10.5.5 PostgreSQL. User-controlled JSON...

N/A N/A PACKETSTORM
CRITICAL 9.8 AVLEONOV:68E701...

May Linux Patch Wednesday_AVLEONOV:68E7010A21B0F3420D3F6FE77C9479F4

**May Linux Patch Wednesday.** A total of 1,638 vu...

N/A N/A AVLEONOV