category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-12220	Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow_CVE-2026-12220 A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/ac...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12219	Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injection_CVE-2026-12219 A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function mod_diagnose.CommandShellByType of the file /api/diagn...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12218	Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based overflow_CVE-2026-12218 A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/be...	Yealink	SIP-T46U 108.87.50.1	Jun 15, 2026	CVE
MEDIUM 5.1	CVE-2026-12211	Intelbras iNVU 7016 FT Web syslog path traversal_CVE-2026-12211 A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/sys...	Intelbras	iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12210	universal-tool-calling-protocol python-utcp utcp-gql/utcp-websocket server-side request forgery_CVE-2026-12210 A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-...	universal-tool-calling-protocol	python-utcp 1.1.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12209	RubyLouvre avalon Template Filter index.js prototype pollution_CVE-2026-12209 A security vulnerability has been detected in RubyLouvre avalon up to 2.2.10. The impacted element is an unknown function of the file src/filters/i...	RubyLouvre	avalon 2.2.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12208	jsonata-js jsonata Function Binding Frame System jsonata.js createFrame prototype pollution_CVE-2026-12208 A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the file src/jsonata.js of th...	jsonata-js	jsonata 2.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12198	Microweber API Endpoint thumbnail_img userfiles_path path traversal_CVE-2026-12198 A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the...	n/a	Microweber 2.0.0	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12197	Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection_CVE-2026-12197 A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose ...	Ruijie	EG105G-P 2.340	Jun 14, 2026	CVE
MEDIUM 4.8	CVE-2026-12201	IObit Malware Fighter DLL permission_CVE-2026-12201 A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handle...	IObit	Malware Fighter 13.0	Jun 15, 2026	CVE