MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-12213	hcengineering Huly Platform User Information operations.ts getAccountInfo improper authorization_CVE-2026-12213 A vulnerability was found in hcengineering Huly Platform up to 0.7.0. Affected by this vulnerability is the function getAccountInfo of the file ser...	hcengineering	Huly Platform 0.1	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12212	hcengineering Huly Platform RPC operations.ts getMailboxSecret access control_CVE-2026-12212 A vulnerability has been found in hcengineering Huly Platform up to 0.7.0. Affected is the function getMailboxSecret of the file server/account/src...	hcengineering	Huly Platform 0.1	Jun 15, 2026	CVE
MEDIUM 5.1	CVE-2026-12223	Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injection_CVE-2026-12223 A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function mod_webd.TFTPUploadIperf of the fil...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12219	Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injection_CVE-2026-12219 A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function mod_diagnose.CommandShellByType of the file /api/diagn...	Yealink	SIP-T46U 108.86.0.118	Jun 15, 2026	CVE
MEDIUM 5.1	CVE-2026-12211	Intelbras iNVU 7016 FT Web syslog path traversal_CVE-2026-12211 A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/sys...	Intelbras	iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12210	universal-tool-calling-protocol python-utcp utcp-gql/utcp-websocket server-side request forgery_CVE-2026-12210 A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-...	universal-tool-calling-protocol	python-utcp 1.1.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12209	RubyLouvre avalon Template Filter index.js prototype pollution_CVE-2026-12209 A security vulnerability has been detected in RubyLouvre avalon up to 2.2.10. The impacted element is an unknown function of the file src/filters/i...	RubyLouvre	avalon 2.2.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12208	jsonata-js jsonata Function Binding Frame System jsonata.js createFrame prototype pollution_CVE-2026-12208 A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the file src/jsonata.js of th...	jsonata-js	jsonata 2.0	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-12198	Microweber API Endpoint thumbnail_img userfiles_path path traversal_CVE-2026-12198 A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the...	n/a	Microweber 2.0.0	Jun 15, 2026	CVE
MEDIUM 4.8	CVE-2026-12201	IObit Malware Fighter DLL permission_CVE-2026-12201 A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handle...	IObit	Malware Fighter 13.0	Jun 15, 2026	CVE