category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	H1:3831432	curl: setopt(VERIFYPEER) from callback bypasses TLS verify on connection reuse_H1:3831432 ## Summary: `Curl_ssl_conn_config_update` overwrites `conn->ssl_config.verifypeer` when `curl_easy_setopt(CURLOPT_SSL_VERIFYPEER, ...)` is called,...	N/A	N/A	Jun 29, 2026	HACKERONE
NONE	IMPERVABLOG:02B...	AI Agents Are Visiting Your Website. Which Ones Should You Trust?_IMPERVABLOG:02B3638CB0833BED533ED6C0178D7199 The internet is changing fast. For years, the main goal of search was simple: to help users find links. A user searched, reviewed results, clicked...	N/A	N/A	Jun 30, 2026	IMPERVABLOG
NONE	SECURELIST:318E...	ToddyCat: your hidden email assistant. Part 2_SECURELIST:318E425764C1762E8EB0EB5B9B2F6150 ![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/06/19083452/toddycat-part-2-featured-image-990x400.jpg) ## Introduction...	N/A	N/A	Jun 30, 2026	SECURELIST
NONE	HACKREAD:F9C96F...	WhatsApp Usernames Will Let You Chat Without Sharing Your Phone Number_HACKREAD:F9C96F0F0C00545F020EAD13425F60F7 WhatsApp is letting users reserve usernames before its 2026 launch, giving people a way to chat without sharing phone numbers. Here is how it works...	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	THN:B2122E08A29...	What the Numbers Say About FIFA 2026 Cyber Risk_THN:B2122E08A297EDF9158A122D018B4FAD ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEZt1Yxw3eiMzyzPpblDGru8JlEmw-Rr1Lgn8hG9YCvxeCNDpKOCyn5_Evvmc_lB9tKDpcmBLfH3a6mHGkZB...	N/A	N/A	Jun 30, 2026	THN
NONE	H1:3831345	curl: CURLSHOPT_UNSHARE race can cause UAF in shared SSL session cache during HTTPS transfer_H1:3831345 ## Summary `CURLSHOPT_UNSHARE` can free a shared SSL session cache while another thread is starting a normal HTTPS transfer with the same share ha...	N/A	N/A	Jun 29, 2026	HACKERONE
CRITICAL 10	THN:92496BE41BB...	Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer_THN:92496BE41BBB472864D9FF3429DE96A7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEid1CxvsX2dPrKoA1VzJ6PUhwrXxvSC4ehRmgyaRRCJlP_MFSeOxvwrT2ODJSbQx3E-7bBwBG4YpP3CQGLz...	N/A	N/A	Jun 30, 2026	THN
NONE	THN:7F75382DA65...	AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks_THN:7F75382DA651A5ECDEF282D4E511FDDF ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCyrr25-wXst4kOLIEi1-Q1d5XMVDCvWqUacEoSRsLn6C5CbKoXGLb4nzTB-DVr9cLOkyuIT5wyMrQICAVhQ...	N/A	N/A	Jun 30, 2026	THN
NONE	THN:27E06C2F7B7...	New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials_THN:27E06C2F7B7D18B0ABBE148809FF4D82 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitNDarGF3uRKXTWC12cbM97uJW3DxiLuQwmplVLHEqdrUZJdzbkMz6Wc524z5Xu2GGSyNYhMT_m9kGqqGjRm...	N/A	N/A	Jun 30, 2026	THN
NONE	H1:3832393	curl: libcurl upload read callbacks miss recursive API guard, allowing prohibited multi API reentry and ASAN-confirmed UAF_H1:3832393 ## Summary: Several libcurl upload read callback paths invoke the application-provided CURLOPT_READFUNCTION without marking the easy handle as bein...	N/A	N/A	Jun 29, 2026	HACKERONE