Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.2	CVE-2026-9777	ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability_CVE-2026-9777 ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-9776	ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability_CVE-2026-9776 ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to ...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-9775	ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability_CVE-2026-9775 ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary fil...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-9774	ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability_CVE-2026-9774 ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary...	ATEN	Unizon 2.7.262.002	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-9773	Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability_CVE-2026-9773 Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar...	Unraid	Unraid 1161ec120	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-9772	Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability_CVE-2026-9772 Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...	Unraid	Unraid 1161ec120	Jun 24, 2026	CVE
HIGH 8.1	CVE-2026-55762	Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint_CVE-2026-55762 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, ...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.1	Jun 24, 2026	CVE
HIGH 7.4	CVE-2026-55759	Rocket.Chat: Apple Sign-In skips JWT claims validation, allowing expired and cross-audience token replay_CVE-2026-55759 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, ...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.1	Jun 24, 2026	CVE
CRITICAL 9.3	CVE-2026-55666	Rocket.Chat: Email Parameter Fallback Leads To Account Takeover Within Apple OAuth_CVE-2026-55666 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, ...	RocketChat	Rocket.Chat >= 8.5.0-rc.0, < 8.5.1	Jun 24, 2026	CVE
CRITICAL 9	CVE-2026-55570	SiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375’s patch)_CVE-2026-55570 SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields (name, version, author, desc...	siyuan-note	siyuan < 3.7.0	Jun 24, 2026	CVE