Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-58138	Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators_CVE-2026-58138 Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbit...	conductor-oss	conductor 3.21.21	Jun 30, 2026	CVE
HIGH 7.2	CVE-2026-10513	Webmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' Author Properties_CVE-2026-10513 The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' ...	pfefferle	Webmention	Jun 30, 2026	CVE
NONE	871DDD96-CF98-	stack-buffer-overflow-lab_871DDD96-CF98-5B7C-99B6-28D1C125145C Stack Buffer Overflow Lab Overview This project demonstrates a stack-based buffer overflow vulnerability and explores how memory corruption can be ...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 8.8	28C8120C-CE6C-	Exploit for Write-what-where Condition in Linux Linux_Kernel_28C8120C-CE6C-515B-80F8-7917AC287FB6 CVE-KERNEL · Linux Kernel LPE Chain Multi-CVE Local Privilege Escalation chain for Linux kernel vulnerabilities uid=1000 → root via xfrm-ESP, RxRPC...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
NONE	MSSECURE:93863E...	Securing AI agents: When AI tools move from reading to acting_MSSECURE:93863E78310BB5B0C475322E2563973E In this article 1. From reading to acting 2. Attack pattern: MCP tool poisoning in a finance workflow 3. Mitigation and protection guidance ...	N/A	N/A	Jun 30, 2026	MSSECURE
NONE	MSSECURE:15844A...	What’s new in Microsoft Security: June 2026_MSSECURE:15844A384550CB9DFB48EEF32BA85C92 As organizations scale AI and agents across environments, security teams need protection that covers every surface. The Microsoft vision is simple:...	N/A	N/A	Jun 30, 2026	MSSECURE
NONE	HACKREAD:B855E8...	Modern Enterprises: How to Evaluate the Security and Compliance of Office Software_HACKREAD:B855E82138988E71D4ADF265ACF8D6B1 Learn how modern businesses can judge office software for ISO 27001 certification, GDPR-aligned data handling, encryption, and safer PDF workflows ...	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	HACKREAD:5CB111...	New EvilTokens Attack Exposes Browser Visibility Gap in Enterprise SOCs_HACKREAD:5CB111601946A41581FBDA03554214D0 EvilTokens phishing hides takeover clues until browser execution leaving SOC teams needing deeper visibility to validate threats faster and reduce ...	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	THN:56D673F9C00...	RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS_THN:56D673F9C000319584F3260FEEE6F37F ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2XzOOqoX4E_CfxUMxd0YAH9MRjvZ8-kBBiVhd2VvCvbie3zla8PA80fO2xZ4Ux3_gmreVKG7ANFrSGpDk1l...	N/A	N/A	Jun 30, 2026	THN
NONE	THN:37D29293C42...	Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data_THN:37D29293C42AEFD7504A2E2BEBB8A524 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbjfrraZ05p0kN5CedcQSOZYouoHGrdpCvi9TGxEZM_9zlXc_juWZ1F8VsvjV9c-iD7Ejgj0V6b0uYwOb9mL...	N/A	N/A	Jun 30, 2026	THN