Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-57875	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability in packet parsing_CVE-2026-57875 An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC20...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57874	GV-LPC2011/LPC2211 – unauthorized buffer overflow vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57874 An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulne...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57873	GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)_CVE-2026-57873 An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. ...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57872	GV-LPC2011/LPC2211 – unauthorized directory traversal vulnerability (get_fcont.cgi)_CVE-2026-57872 An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerab...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
HIGH 8.3	CVE-2026-2053	Unauthenticated Server-Side Request Forgery via WS-Addressing in WSO2 API Manager_CVE-2026-2053 The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled in...	WSO2	WSO2 API Manager	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-1869	User Registration & Membership <= 5.2.0 - Missing Authorization to Unauthenticated Payment Bypass_CVE-2026-1869 The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Bu...	wpeverest	User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder	Jun 26, 2026	CVE
MEDIUM 5.5	MS:CVE-2026-4367	Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing_MS:CVE-2026-4367 {“lastseen”:”2026-06-26T07:47:53″,”description”:””,”published”:”2026-06-25T08:03:...	N/A	N/A	Jun 25, 2026	MSCVE
HIGH 8.8	THN:3AF4D7A4A25...	Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks_THN:3AF4D7A4A2521E78D5A57F5ED9C21560 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9SthtlfUvEkaX0iZanYdYTAOV5hgm44yCwHu_3GCaoa11rO-GkO9oc0_qN9JGw2n86dsEsN_sdaYt2ra_4I...	N/A	N/A	Jun 26, 2026	THN
CRITICAL 9.8	BECF4517-38B6-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_BECF4517-38B6-5DC3-97A0-FDF34F1763C0 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	8C0976A0-3F8E-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_8C0976A0-3F8E-508D-8CD5-6A5A5D01F118 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT