MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-13522	Investintech SlimPDFReader PDF File SlimPDFReader.exe TeighaDo+0x25cde0 out-of-bounds_CVE-2026-13522 A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::...	Investintech	SlimPDFReader 2.0.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13521	SourceCodester Class and Exam Timetabling System preview5.php sql injection_CVE-2026-13521 A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown function...	SourceCodester	Class and Exam Timetabling System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13520	itsourcecode Hospital Management System Appointment appointmentapproval.php sql injection_CVE-2026-13520 A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13526	SourceCodester Class and Exam Timetabling System edit_class.php sql injection_CVE-2026-13526 A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This ma...	SourceCodester	Class and Exam Timetabling System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13525	CodeAstro Human Resource Management System Update_Earn_Leave Endpoint Employee_model.php emselectByCode sql injection_CVE-2026-13525 A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file applicat...	CodeAstro	Human Resource Management System 1.0	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13524	CherryHQ cherry-studio MCP OAuth Local Callback Server callback.ts improper authorization_CVE-2026-13524 A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/serv...	CherryHQ	cherry-studio 1.9.0	Jun 29, 2026	CVE
MEDIUM 4.8	CVE-2026-13523	GPAC ISOBMFF base_encoding.c data amplification_CVE-2026-13523 A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF P...	n/a	GPAC 26.02	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-13510	SimStudioAI sim Password Protection deployment.ts weak hash_CVE-2026-13510 A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/c...	SimStudioAI	sim 0.6.0	Jun 28, 2026	CVE
MEDIUM 5.3	CVE-2026-13512	Databend Tenant client_session_manager.rs state_key authorization_CVE-2026-13512 A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::state_key of the file src/query/s...	n/a	Databend 1.2.881	Jun 28, 2026	CVE
MEDIUM 5.3	CVE-2026-13509	RAGapp Knowledge File files.py FileHandler.remove_file path traversal_CVE-2026-13509 A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.upload_file/FileHandler.remove_file of the file src/raga...	n/a	RAGapp 0.1.0	Jun 28, 2026	CVE