Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-35098	Improper Restriction of Excessive Authentication Attempts in KTM System e-BOK_CVE-2026-35098 KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication re...	KTM System	e-BOK	Jun 30, 2026	CVE
NONE	HACKREAD:072C19...	AppViewX Launches Global Partner Program Amid Rising Demand for Machine and Agent Identity Security_HACKREAD:072C1934D64C49237A2789D4E2485D55 New York, United States, 30th June 2026, CyberNewswire	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	HACKREAD:3ED3CB...	OpenMatter Network Introduces Verifiable Trust Layer for Secure Collaboration and AI Agents_HACKREAD:3ED3CBD6F77B0B01A633A82A74ED5A91 Melbourne, Florida, 30th June 2026, CyberNewswire	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	THN:1512AE50F60...	282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study_THN:1512AE50F60F6C5C9F6F79FEAEDA6FED ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ9nmTBu_vYBf5fRZV4Jc-qtFGPySofVDYHUd-9-ogdve-M4Qd4j7_CnH9Zmvln6O3nfXSsDqQiMoL3rDYBS...	N/A	N/A	Jun 30, 2026	THN
MEDIUM 6.9	CVE-2026-35097	Weak Password Requirements in KTM System e-BOK_CVE-2026-35097 KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended chara...	KTM System	e-BOK	Jun 30, 2026	CVE
MEDIUM 5.1	CVE-2026-35096	Cross-Site Request Forgery (CSRF) in KTM System e-BOK_CVE-2026-35096 KTM System e-BOK is vulnerable to Cross‑Site Request Forgery (CSRF) in both the email-change and password-change functionalities. An attacker can c...	KTM System	e-BOK	Jun 30, 2026	CVE
MEDIUM 4.8	CVE-2026-35095	Session fixation in KTM System e-BOK_CVE-2026-35095 KTM System e-BOK allows the session identifier to be set by the client prior to authentication. If a cookie with a valid name is set, its value rem...	KTM System	e-BOK	Jun 30, 2026	CVE
MEDIUM 5.9	CVE-2026-14178	openGauss存在非法内存访问导致DoS漏洞_CVE-2026-14178 openGauss 在处理带 NLS 参数的 to_timestamp 调用时，to_timestamp_with_fmt_nls() 会将 nls_fmt_str 保存到 u_sess->parser_cxt.nls_fmt_str。在 seqscan +...	openGauss-server	openGauss-server-7.0.0-RC2 openGauss-server-7.0.0-RC2	Jun 30, 2026	CVE
CRITICAL 9.8	0EB7005F-1AF8-	Nessus-CVE-POC-Finder_0EB7005F-1AF8-5D82-BFB3-0885D0E7AA8B Nessus-CVE-POC-Finder Python script to parse .nessus file, extract CVE numbers, and search for exploits using "searchsploit". Usage usage: Nessus-C...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.8	DCB07824-2947-	Exploit for Improper Authentication in Oracle E-Business_Suite_DCB07824-2947-51F9-8738-1630098A0772 CVE-2026-46817 Proof of Concept Oracle E-Business Suite File Transmission Path Traversal --- ⚠️ LEGAL DISCLAIMER THIS SOFTWARE IS PROVIDED FOR EDUC...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT