HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.3	CVE-2026-9219	Setracker2 Children’s Smartwatch Ecosystem Generation of Predictable Numbers or Identifiers_CVE-2026-9219 Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment...	Shenzhen i365-Tech Co. Ltd.	Setracker2 Parental Control App (Android) package com.tgelec.setracker	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-6679	DTLS 1.3 ACK serialization heap buffer overflow via integer truncation_CVE-2026-6679 A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due ...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56445	pydicom pynetdicom Library Path Traversal_CVE-2026-56445 The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitizat...	pydicom	pynetdicom Library 1.0.0	Jun 25, 2026	CVE
HIGH 8.3	CVE-2026-12473	OHIF Viewers DICOM Server-Side request forgery_CVE-2026-12473 Two data sources (DICOMWebProxy and DICOMJSON) shipped in the default configuration fetch an arbitrary URL parameter without validation. A global a...	Open Health Imaging Foundation (OHIF)	DICOM Web Viewer Framework	Jun 25, 2026	CVE
HIGH 7.3	CVE-2026-54479	EVoke Systems EVoke CSMS Insufficient Session Expiration_CVE-2026-54479 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same sess...	EVoke	EVoke CSMS All versions	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-50176	EVoke Systems EVoke CSMS Improper Restriction of Excessive Authentication Attempts_CVE-2026-50176 The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allo...	EVoke	EVoke CSMS All versions	Jun 25, 2026	CVE
HIGH 7.4	CVE-2026-12992	Apicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validation_CVE-2026-12992 A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature....	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
HIGH 8.5	CVE-2026-12975	Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos_CVE-2026-12975 A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing fea...	Red Hat	Red Hat build of Apicurio Registry 3	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-11800	Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion_CVE-2026-11800 A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client c...	Red Hat	Red Hat build of Keycloak 26.6 26.6.4-2	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-22879	CVE-2026-22879_CVE-2026-22879 vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability	vtk	vtk 9.5.2	Jun 25, 2026	CVE