MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.7	THN:E4161CF0FE7...	China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth_THN:E4161CF0FE7CBFEDF9BA789D0C8137DE ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxym2hiE83TbiNOrIeH3s4QCF0wQ_BYcSYPKlC3m9LGSuJnH7UNicbkgIk4kQTbpPiLRul9dSxQ180XW656_...	N/A	N/A	Jun 16, 2026	THN
MEDIUM 6.3	CVE-2025-10262	An unsanitized format validation vulnerability in Nokia SR Linux_CVE-2025-10262 Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vuln...	Nokia	SR Linux < 23.10.8	Jun 16, 2026	CVE
MEDIUM 6.3	CVE-2025-9912	A local privilege escalation vulnerability in Nokia SR Linux_CVE-2025-9912 Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticate...	Nokia	Nokia SR Linux < 23.10.8	Jun 16, 2026	CVE
MEDIUM 4.8	CVE-2026-8484	Heap buffer overflow in Jansi_CVE-2026-8484 A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the...	FuseSource	jansi	Jun 16, 2026	CVE
MEDIUM 6.9	CVE-2026-10828	CVE-2026-10828_CVE-2026-10828 A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Serie...	Moxa	NPort W2150A-W4/W2250A-W4 Series 1.0	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-54197	WordPress GetGenie plugin <= 4.4.1 - Sensitive Data Exposure vulnerability_CVE-2026-54197 Unauthenticated Sensitive Data Exposure in GetGenie	Wpmet	GetGenie n/a	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-54190	WordPress Envira Photo Gallery plugin <= 1.12.5 - Broken Access Control vulnerability_CVE-2026-54190 Unauthenticated Broken Access Control in Envira Photo Gallery	Awesomemotive	Envira Photo Gallery n/a	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-40809	WordPress Metro Magazine theme <= 1.4.1 - Broken Access Control vulnerability_CVE-2026-40809 Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This is...	Rara Themes	Metro Magazine n/a	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-2381	WooCommerce Stripe Payment Gateway <= 10.7.0 - Missing Authorization to Unauthenticated Order Status Manipulation via 'order' Parameter_CVE-2026-2381 The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on...	woocommerce	WooCommerce Stripe Payment Gateway	Jun 16, 2026	CVE
MEDIUM 6.4	CVE-2026-10093	File Sharing & Download Manager <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'fldr_ttl' Parameter_CVE-2026-10093 The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldr_ttl' param...	deepakkite	Secure Client Portal and Private File Sharing Plugin – User Private Files	Jun 16, 2026	CVE