news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-6209	Improper Access Control in in HAVELSAN’s Geographic Tracking System_CVE-2026-6209 Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properl...	HAVELSAN Inc.	Geographic Tracking System	Jun 5, 2026	CVE
CRITICAL 9.1	CVE-2026-6208	IDOR in in HAVELSAN’s Geographic Tracking System_CVE-2026-6208 Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifie...	HAVELSAN Inc.	Geographic Tracking System	Jun 5, 2026	CVE
CRITICAL 9.1	CVE-2026-6207	User Enumeration in in HAVELSAN’s Geographic Tracking System_CVE-2026-6207 Observable response discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows System Footprinting. This issue affects Geographi...	HAVELSAN Inc.	Geographic Tracking System	Jun 5, 2026	CVE
HIGH 8.8	CVE-2026-48095	GHSL-2026-140_7-Zip: 7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation_CVE-2026-48095 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-al...	Igor Pavlov	7-Zip <= 26.00	Jun 5, 2026	CVE
MEDIUM 4.3	CVE-2026-48092	7-Zip SquashFS Fragment Offset Overflow (GHSL-2026-116)_CVE-2026-48092 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset i...	mcmilk	7-Zip >= 9.34, < 26.01	Jun 5, 2026	CVE
MEDIUM 5.3	CVE-2026-11335	tittuvarghese CollegeManagementSystem login-form.php session_start session fixiation_CVE-2026-11335 A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. T...	tittuvarghese	CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3	Jun 5, 2026	CVE
MEDIUM 6.9	CVE-2026-11334	tittuvarghese CollegeManagementSystem fetch.php sql injection_CVE-2026-11334 A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8e...	tittuvarghese	CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3	Jun 5, 2026	CVE
MEDIUM 5.3	CVE-2026-11333	tittuvarghese CollegeManagementSystem Student Data Upload Endpoint upload_student_data.php unrestricted upload_CVE-2026-11333 A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610...	tittuvarghese	CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3	Jun 5, 2026	CVE
HIGH 7.1	CVE-2025-59174	CVE-2025-59174_CVE-2025-59174 Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted ...	Ericsson	Packet Core Controller	Jun 5, 2026	CVE
CRITICAL 9.6	D941C451-6928-	Exploit for CVE-2026-48866_D941C451-6928-596E-8F60-A1FA724CCF70 --- ┌───────────────────────────────────────────────────────────┐ │ │ │ C V E - 2 0 2 6 - 4 8 8 6 6 │ │ │ │ Gravity Forms Path Traversal → Arbitrar...	N/A	N/A	Jun 5, 2026	GITHUBEXPLOIT