exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MALWAREBYTES:25...	We found this fake-invoice campaign while scammers were still building it_MALWAREBYTES:25837C9966B4BAC9D5751BE5031B9FC8 A new batch of fake payment invoices is being staged right now, and we caught the campaign while it was still being put together. The emails impers...	N/A	N/A	Jun 3, 2026	MALWAREBYTES
NONE	WIRED:1EAF5DF8A...	xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity_WIRED:1EAF5DF8A74C5E2543ACF401BFDFAF11 Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or...	N/A	N/A	Jun 3, 2026	WIRED
MEDIUM 5.3	CVE-2026-42507	Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507 When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject ...	Go standard library	net/textproto	Jun 2, 2026	CVE
NONE	THN:39C53E79409...	WhatsApp, Slack Notifications Could Hijack Google Gemini on Android_THN:39C53E7940941BA527D7D41B5E56D8C8 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCJpW9I-QTgQOkP7AV3rwUtEOEs96ek2ySR06Go-xq5AThZV84qY3mDN1Dkh0oQ-94jZHc7zB21ax9ljU0dW...	N/A	N/A	Jun 3, 2026	THN
NONE	420BEB65-BD63-	Exploit for CVE-2026-26897_420BEB65-BD63-521E-90B1-5065E05B96C0 EcoOnline EHS Android — Deep Link Validation Bypass → WebView Open Redirect CVE-2026-26897 Public disclosure / advisory for CVE-2026-26897, a deep ...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.5	CVE-2026-35718	CVE-2026-35718_CVE-2026-35718 A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 8.8	CVE-2026-30652	CVE-2026-30652_CVE-2026-30652 A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firm...	Vivotek	Vivotek FD8136 FD8136-VVTK-0300a	Jun 2, 2026	CVE
CRITICAL 9.8	CVE-2026-38967	CVE-2026-38967_CVE-2026-38967 CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values.	CrowCpp	CrowCpp Crow v1.3.1	Jun 2, 2026	CVE
MEDIUM 6.1	CVE-2026-33553	CVE-2026-33553_CVE-2026-33553 Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.	n/a	n/a n/a	Jun 2, 2026	CVE
MEDIUM 6.1	CVE-2026-30586	CVE-2026-30586_CVE-2026-30586 Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE_SCHEMA, Mem...	n/a	n/a n/a	Jun 2, 2026	CVE