HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-10521	Authenticated unintended access to critical program parameters_CVE-2026-10521 An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program ...	MB connect line	mbCONNECT24 0.0.0, 2.20.1	Jun 23, 2026	CVE
HIGH 7.5	MS:CVE-2026-12455	Chromium: CVE-2026-12455 Use after free in Tab Strip_MS:CVE-2026-12455 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.4	4FC5FF6D-FE23-	Exploit for Improper Certificate Validation in Openssl_4FC5FF6D-FE23-5F05-A381-3D356456D252 No description provided...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.8	40AD62F4-D694-	Exploit for CVE-2021-37840_40AD62F4-D694-54A9-B440-BB6C6844A2AE aaPanel: Vendors Don't Always Fix Things Properly An incomplete fix for CVE-2021-37840 still exposes 3.6M servers to root RCE, 5 years later Discov...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.3	MS:CVE-2026-12464	Chromium: CVE-2026-12464 Use after free in Browser_MS:CVE-2026-12464 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.5	THN:3290E453B3D...	OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws_THN:3290E453B3DF6ABCA0E5674F76DA371F ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5t7SN4kPSfgifNku4Z0eWG5x1Dd8CIb99OAHuktz4ZGAeIrwDEnLwD9DUkRj8nStBQjzxOgWO2hfsGYI07Y...	N/A	N/A	Jun 23, 2026	THN
HIGH 7.8	DF5C4368-B596-	Exploit for Untrusted Pointer Dereference in Microsoft_DF5C4368-B596-5A56-B3D2-A29063405520 Note The NTOKernelBase in exp.cpp needs to be set by yourself...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.8	MS:CVE-2026-12447	Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC_MS:CVE-2026-12447 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.1	CVE-2026-10658	Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS_CVE-2026-10658 A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In bt_iso_recv() (subsys/blue...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
HIGH 7.1	CVE-2026-10651	Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read_CVE-2026-10651 A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sd...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE