Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MALWAREBYTES:7C...	A week in security (June 22 – June 28)_MALWAREBYTES:7CCFE500B465F42CBB3362184D1FEB5E Last week on Malwarebytes Labs: * Malware steals Chrome session cookies to take over your accounts * Beware of "Parcel Expert" job offers: The...	N/A	N/A	Jun 29, 2026	MALWAREBYTES
HIGH 8.8	08B3547F-EB17-	Exploit for CVE-2026-43503_08B3547F-EB17-5EB6-A6F5-A9DF637A08A1 DirtyClone CVE-2026-43503 - Python PoC Non-official Python port of DirtyClone — a Linux kernel local privilege escalation vulnerability. This repos...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 10	34A53A7F-B52C-	Exploit for Improper Access Control in Widgetfactorylimited Jce_34A53A7F-B52C-57A9-A909-5AB579FB98CF No description provided...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
CRITICAL 9.8	THN:F53B27C1384...	Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw_THN:F53B27C138472132B01211FCBA7A4D7A ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhD9yQyR_bCP0-I73R6EpwLjJtptGUvzeJD90oYzZvFZXVnM99EIvHFtIJlhZ2f4NSZkAyO7JWjJOy6Zd3lAt...	N/A	N/A	Jun 29, 2026	THN
MEDIUM 5.3	CVE-2026-13538	Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_401D68 command injection_CVE-2026-13538 A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless...	Wavlink	WL-NU516U1-A M16U1_V240425	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13537	CodeAstro Human Resource Management System cross-site request forgery_CVE-2026-13537 A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-sit...	CodeAstro	Human Resource Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13536	GotoHTTP reg.12x cross site scripting_CVE-2026-13536 A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing of the file /reg.12x. The manipulation of the arg...	n/a	GotoHTTP 10.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13535	CodeAstro Human Resource Management System View Endpoint Employee_model.php GetFileInfo sql injection_CVE-2026-13535 A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/a...	CodeAstro	Human Resource Management System 1.0	Jun 29, 2026	CVE
LOW 2.3	CVE-2026-13534	CherryHQ cherry-studio CherryIN Preload API MemoryService.ts sha256 authorization_CVE-2026-13534 A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemorySer...	CherryHQ	cherry-studio 1.9.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13533	agentejo Cockpit CMS htaccess config.yaml YAMLLoad file access_CVE-2026-13533 A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file ...	agentejo	Cockpit CMS 0.12.0	Jun 29, 2026	CVE