news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-53281	iommu/vt-d: Avoid NULL pointer dereference or refcount corruption_CVE-2026-53281 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f0...	Linux	Linux 60f030f7418d3f1d94f2fb207fe3080e1844630b	Jun 26, 2026	CVE
LOW 2.3	CVE-2026-13483	arc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticity_CVE-2026-13483 A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encr...	arc53	DocsGPT 0.1	Jun 28, 2026	CVE
MEDIUM 4.3	7CCF82DA-9ED8-	Exploit for Generation of Predictable IV with CBC Mode in Redhat Enterprise_Linux_7CCF82DA-9ED8-5712-B61D-DF768142FF9C CVE-2014-3566...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
CRITICAL 10	4A147D4B-6F2A-	Safeguard-Exploit-Vault_4A147D4B-6F2A-52CA-9C2F-F20FE406DEC5 Safeguard THIS TAKES TIME TO DO HUNTING ITS AI HUNTER SO IF YOU SAID LIKE HUNT ON THIS TARGET THIS WILL TAKE TIME INSTED OF THAT FOR QUICK TEST SAY...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
MEDIUM 6.3	CVE-2026-13482	skypilot-org skypilot User ID server.py username.encode weak hash_CVE-2026-13482 A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the...	skypilot-org	skypilot 0.1	Jun 28, 2026	CVE
HIGH 7.4	CVE-2026-10646	Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation_CVE-2026-10646 Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct...	zephyrproject	zephyr 4.0.0	Jun 28, 2026	CVE
MEDIUM 4.2	CVE-2026-10644	Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer_CVE-2026-10644 The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in i...	zephyrproject	zephyr 4.4.0	Jun 28, 2026	CVE
MEDIUM 6.5	CVE-2026-10593	Remotely triggerable NULL-pointer dereference in Bluetooth LE Audio BAP unicast client QoS-state handling_CVE-2026-10593 The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_s...	zephyrproject	zephyr 4.3.0	Jun 28, 2026	CVE
NONE	522F040F-3E67-	school-buslocation-sqli-cve_522F040F-3E67-59B4-8183-025C01D1A67B CVE-2026-XXXXX Unauthenticated SQL Injection in School Management System — Bus Location Endpoint --- Advisory Information \| Field \| Value \| \|------...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
HIGH 8.8	95D6A730-EFAD-	Exploit for CVE-2026-43503_95D6A730-EFAD-5C8A-A651-39A9ED5B00CB DirtyClone DirtyClone is a C-based local privilege escalation LPE proof-of-concept targeting a kernel/XFRM-related vulnerability described in the s...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT