HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-34026	Path traversal in Wertheim SafeController Software allows authenticated users to download arbitrary files_CVE-2026-34026 Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /sa...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-34024	Missing authorization checks in Wertheim SafeController Software allow low-privileged users to access restricted functions_CVE-2026-34024 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains missing authorization checks on multiple web application endpoints....	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-34023	Broken WebSocket authorization in Wertheim SafeController Software allows cross-branch access to restricted functions_CVE-2026-34023 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communica...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-34022	Weak custom cryptography and hard-coded keys in Wertheim SafeController 65000 allow traffic decryption_CVE-2026-34022 The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms with hard-c...	Wertheim GmbH	Wertheim SafeController Family 65000 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller) Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-34021	Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay_CVE-2026-34021 The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcont...	Wertheim GmbH	Wertheim SafeController 5400 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller) Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320	Jun 15, 2026	CVE
HIGH 8.6	CVE-2026-12057	DoS + Remote Code Execution via PDF JavaScript in Foxit AI_CVE-2026-12057 When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which ...	Foxit Software Inc.	Foxit AI before 2026-06-15	Jun 15, 2026	CVE
HIGH 7.8	D363BAF0-6BAA-	Exploit for Improper Input Validation in Getcomposer Composer_D363BAF0-6BAA-59BC-891C-FFB76DCFF6B6 No description provided...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
HIGH 8.1	THN:58DE1EE538F...	Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites_THN:58DE1EE538F35B61249A99D3964FCCD0 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5TE5Z8cG6zx7J64PdC2qxAh0h0o-KRwA1vEBvunxSEWkh5QmlsaIe2zKWUL7yX28chYs9zWMwA6eBcmTzfR...	N/A	N/A	Jun 15, 2026	THN
HIGH 7.8	CVE-2026-50100	CVE-2026-50100_CVE-2026-50100 Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If this vulne...	Ricoh Company, Ltd.	Multiple printer drivers see the information provided by the vendor	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-11860	Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS_CVE-2026-11860 Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tampe...	OpenSolution	Quick.CMS	Jun 15, 2026	CVE