HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-11860	Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS_CVE-2026-11860 Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tampe...	OpenSolution	Quick.CMS	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-12217	DVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management_CVE-2026-12217 A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the comp...	DVDFab	Virtual Drive 2.0.0.5	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-12214	Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism_CVE-2026-12214 A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the compon...	Qihoo	360 Total Security 6.0	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12222	Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow_CVE-2026-12222 A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of t...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12221	Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow_CVE-2026-12221 A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Fir...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12220	Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow_CVE-2026-12220 A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/ac...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12218	Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based overflow_CVE-2026-12218 A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/be...	Yealink	SIP-T46U 108.87.50.1	Jun 15, 2026	CVE
HIGH 8.1	D84F8A25-5F36-	Exploit for CVE-2026-10795_D84F8A25-5F36-52AC-B454-01D5ECE7059F CVE Lab: CVE-2026-10795 - UpdraftPlus UpdraftCentral RPC Authentication Bypass Chained to Plugin Installation Executive Summary This repository con...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
HIGH 8.6	CVE-2026-12197	Ruijie EG105G-P JSON-RPC Diagnose Endpoint diagnose nslookup command injection_CVE-2026-12197 A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose ...	Ruijie	EG105G-P 2.340	Jun 14, 2026	CVE
HIGH 8.7	CVE-2026-12187	GL.iNet GL-MT3000 Online Firmware Upgrade one_click_upgrade command injection_CVE-2026-12187 A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file...	GL.iNet	GL-MT3000 4.4.0	Jun 14, 2026	CVE