HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-43715	CVE-2026-43715_CVE-2026-43715 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tah...	Apple	Safari	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-43705	CVE-2026-43705_CVE-2026-43705 A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. ...	Apple	Safari 26.5.2	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-41896	Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret_CVE-2026-41896 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the ap...	coollabsio	coolify < 4.0.0-beta.474	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-34597	Coolify: Authenticated Host RCE_CVE-2026-34597 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticat...	coollabsio	coolify < 4.0.0-beta.470	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-34594	Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management_CVE-2026-34594 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated comma...	coollabsio	coolify < 4.0.0-beta.471	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-34592	Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure_CVE-2026-34592 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and pro...	coollabsio	coolify < 4.0.0-beta.471	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-8023	Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023 Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYS...	zephyrproject	zephyr 4.0.0	Jun 29, 2026	CVE
HIGH 8.1	CVE-2026-7656	Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expr...	zephyrproject	zephyr 1.14.0	Jun 29, 2026	CVE
HIGH 7.8	B815CF61-2540-	Exploit for Out-of-bounds Write in Netapp Bootstrap_Os_B815CF61-2540-5E4D-AAB8-F3976D79DF34 Security Notice: This repository contains working exploit code for educational and research purposes. Use responsibly and only on systems you own o...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
HIGH 7.8	CVE-2026-49416	Integer overflow in vt(4) CONS_HISTORY ioctl_CVE-2026-49416 The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 27, 2026	CVE