news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-42507	Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507 When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject ...	Go standard library	net/textproto	Jun 2, 2026	CVE
NONE	THN:39C53E79409...	WhatsApp, Slack Notifications Could Hijack Google Gemini on Android_THN:39C53E7940941BA527D7D41B5E56D8C8 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCJpW9I-QTgQOkP7AV3rwUtEOEs96ek2ySR06Go-xq5AThZV84qY3mDN1Dkh0oQ-94jZHc7zB21ax9ljU0dW...	N/A	N/A	Jun 3, 2026	THN
NONE	420BEB65-BD63-	Exploit for CVE-2026-26897_420BEB65-BD63-521E-90B1-5065E05B96C0 EcoOnline EHS Android — Deep Link Validation Bypass → WebView Open Redirect CVE-2026-26897 Public disclosure / advisory for CVE-2026-26897, a deep ...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.5	CVE-2026-35718	CVE-2026-35718_CVE-2026-35718 A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 8.8	CVE-2026-30652	CVE-2026-30652_CVE-2026-30652 A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firm...	Vivotek	Vivotek FD8136 FD8136-VVTK-0300a	Jun 2, 2026	CVE
CRITICAL 9.8	CVE-2026-38967	CVE-2026-38967_CVE-2026-38967 CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values.	CrowCpp	CrowCpp Crow v1.3.1	Jun 2, 2026	CVE
MEDIUM 6.1	CVE-2026-33553	CVE-2026-33553_CVE-2026-33553 Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.	n/a	n/a n/a	Jun 2, 2026	CVE
MEDIUM 6.1	CVE-2026-30586	CVE-2026-30586_CVE-2026-30586 Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE_SCHEMA, Mem...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 7.5	CVE-2026-10701	Incorrect boundary conditions in the Graphics: Text component_CVE-2026-10701 Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3.	Mozilla	Firefox 151.0.3	Jun 2, 2026	CVE
HIGH 7.4	CVE-2025-64390	CVE-2025-64390_CVE-2025-64390 A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be esc...	Sony	PS4 13.00	Jun 2, 2026	CVE