Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	CVE-2026-6556	@fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins_CVE-2026-6556 @fastify/express versions 4.0.6 and earlier only rewrite the plugin prefix for middleware mount paths when the path argument is a string. Non-strin...	@fastify/express	@fastify/express	Jun 30, 2026	CVE
MEDIUM 6.5	CVE-2026-58374	CVE-2026-58374_CVE-2026-58374 In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows ...	w1.fi	hostapd	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-58116	LLaMA-Factory 0.9.5 Remote Code Execution via WebUI Model Path_CVE-2026-58116 LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code...	hiyouga	LlamaFactory 0.9.5	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-58016	Glib: integer underflow in gio/gdbusintrospection.c via “g_dbus_node_info_new_for_xml”_CVE-2026-58016 A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing mal...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
MEDIUM 5.9	CVE-2026-58015	Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive_CVE-2026-58015 A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_c...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
HIGH 7.3	CVE-2026-58014	Glib: off-by-one error in glib/gkeyfile.c via “g_key_file_get_locale_string_list”_CVE-2026-58014 A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
MEDIUM 6.5	CVE-2026-58013	Glib: buffer over-read in glib/giochannel.c via “g_io_channel_read_line_backend”_CVE-2026-58013 A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend() in the giochannel.c file when a custom line terminator w...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
CRITICAL 9.4	B4B4CA7A-D754-	Exploit for OS Command Injection in Devcode Openstamanager_B4B4CA7A-D754-5C31-B526-5E199D0B91D5 CVE-2025-69212 OpenSTAManager --check Vulnerability Check bash Auto-detect plugin and verify vulnerability python3 exploit.py -t http://target.com ...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 10	649313DD-31AD-	igracias-audit_649313DD-31AD-562A-AF7A-09744ED8C4C5 🎯 iGracias Security Audit — Telkom University Comprehensive security testing suite for igracias.telkomuniversity.ac.id. Stack detected: nginx + PH...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
MEDIUM 6.5	CVE-2026-58012	Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()_CVE-2026-58012 A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-chang...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE