exploit - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-10658	Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS_CVE-2026-10658 A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In bt_iso_recv() (subsys/blue...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
HIGH 7.1	CVE-2026-10651	Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read_CVE-2026-10651 A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sd...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
MEDIUM 4.9	CVE-2026-10645	fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal_CVE-2026-10645 Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversa...	zephyrproject-rtos	Zephyr *	Jun 22, 2026	CVE
HIGH 8.2	CVE-2026-11833	CVE-2026-11833_CVE-2026-11833 Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting inform...	Yokogawa Electric Corporation	FAST/TOOLS R9.01	Jun 23, 2026	CVE
MEDIUM 6.8	068C9182-D370-	Exploit for Out-of-bounds Write in Samsung Android_068C9182-D370-5C64-B905-6227B13760CE SveService Buffer Overflow --- Samsung SMR May 2026 SVE-2026-0478CVE-2026-21018 Affected versions: Android 14, 15, 16 Disclosure status: Privately ...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
MEDIUM 5.5	MS:CVE-2026-12444	Chromium: CVE-2026-12444 Out of bounds read in Chromoting_MS:CVE-2026-12444 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-12449	Chromium: CVE-2026-12449 Use after free in Chromoting_MS:CVE-2026-12449 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 8.3	MS:CVE-2026-12465	Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics_MS:CVE-2026-12465 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 5.3	CVE-2026-54236	vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router_CVE-2026-54236 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a saniti...	vllm-project	vllm < 0.23.1rc0	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-54235	vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels_CVE-2026-54235 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operat...	vllm-project	vllm < 0.23.1rc0	Jun 22, 2026	CVE