HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-57877	GV-LPC2011/LPC2211 – unauthorized format string vulnerability (vlsvr)_CVE-2026-57877 An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is cause...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57876	GV-LPC2011/LPC2211 – unauthorized out-of-bounds writing vulnerability (onvif.cgi)_CVE-2026-57876 An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerabilit...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57875	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability in packet parsing_CVE-2026-57875 An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC20...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57874	GV-LPC2011/LPC2211 – unauthorized buffer overflow vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57874 An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulne...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57873	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57873 An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. ...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57872	GV-LPC2011/LPC2211 – unauthorized directory traversal vulnerability (get_fcont.cgi)_CVE-2026-57872 An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerab...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 8.3	CVE-2026-2053	Unauthenticated Server-Side Request Forgery via WS-Addressing in WSO2 API Manager_CVE-2026-2053 The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled in...	WSO2	WSO2 API Manager	Jun 26, 2026	CVE
HIGH 8.8	THN:3AF4D7A4A25...	Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks_THN:3AF4D7A4A2521E78D5A57F5ED9C21560 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9SthtlfUvEkaX0iZanYdYTAOV5hgm44yCwHu_3GCaoa11rO-GkO9oc0_qN9JGw2n86dsEsN_sdaYt2ra_4I...	N/A	N/A	Jun 26, 2026	THN
HIGH 8.8	0AEC5CEA-1ACD-	Exploit for Path Traversal in Rarlab Winrar_0AEC5CEA-1ACD-55C4-80FC-250F80922CE5 Amaranth Project A multi-stage backdoor implantation attack chain is implemented using CVE-2025-8088 WinRAR path traversal vulnerability, ≤ 7.11. F...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.8	75D8AF60-1BE7-	Exploit for Use After Free in Google Chrome_75D8AF60-1BE7-5841-A5AC-CC59A30D14EB CVE-2026-13036 — Use-After-Free in Blink WidgetBase::UpdateSurfaceAndScreenInfo A use-after-free vulnerability in Google Chrome's Blink rendering e...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT