Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-12203

HKUDS AI-Trader Research Export agents.csv information disclosure

A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215. This affects an unknown part of the file /api/research...

HKUDS AI-Trader 74caf996f78dcc0c657df8365c8544678a16e215 CVE
MEDIUM 4.8 CVE-2026-12202

Intelliants Subrion CMS Blocks Endpoint cross site scripting

A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality of the component Blocks...

Intelliants Subrion CMS 4.0.0 CVE
MEDIUM 4.8 CVE-2026-12189

Moovit Bus & Public Transit App com.tranzmate improper authorization in handler for custom url scheme

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a ...

Moovit Bus & Public Transit App 1.18 CVE
MEDIUM 5.3 CVE-2026-12188

Grit42 Grit GritEntityController grit_entity_controller.rb sql injection

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app...

Grit42 Grit 0.1 CVE
MEDIUM 4.8 CVE-2026-12190

Genspark AI Workspace App ai.mainfunc.genspark improper authorization in handler for custom url scheme

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc....

Genspark AI Workspace App 2.8.4 CVE
MEDIUM 6.9 CVE-2026-54411

CVE-2026-54411

Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in module...

Linux-PAM Linux-PAM CVE
MEDIUM 6.8 CVE-2026-54421

CVE-2026-54421

In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unred...

OpenStack Ironic CVE
MEDIUM 5.3 1875515F-1163-

Exploit for Unchecked Input for Loop Condition in Isc Bind_1875515F-1163-510B-A697-82A204A481CB

CVE-2026-5950 - BIND 9 Resolver DoS Research notes and defensive guidance for CVE-2026-5950, an unbounded resend loop vulnerability in the BIND 9 r...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.1 CVE-2026-12175

CodeAstro Student Attendance Management System createStudents.php sql injection

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Adm...

CodeAstro Student Attendance Management System 1.0 CVE
MEDIUM 5.3 CVE-2026-12176

SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting

A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown ...

SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 CVE