Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 4A147D4B-6F2A-

Safeguard-Exploit-Vault_4A147D4B-6F2A-52CA-9C2F-F20FE406DEC5

Safeguard THIS TAKES TIME TO DO HUNTING IT'S AI HUNTER SO IF YOU SAID LIKE HUNT ON THIS TARGET THIS WILL TAKE TIME INSTEAD OF THAT FOR QUICK TEST SAY...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.3 CVE-2026-13482

skypilot-org skypilot User ID server.py username.encode weak hash_CVE-2026-13482

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the...

skypilot-org skypilot 0.1 CVE
HIGH 7.4 CVE-2026-10646

Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation_CVE-2026-10646

Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct...

zephyrproject zephyr 4.0.0 CVE
MEDIUM 4.2 CVE-2026-10644

Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer_CVE-2026-10644

The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in i...

zephyrproject zephyr 4.4.0 CVE
MEDIUM 6.5 CVE-2026-10593

Remotely triggerable NULL-pointer dereference in Bluetooth LE Audio BAP unicast client QoS-state handling_CVE-2026-10593

The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_s...

zephyrproject zephyr 4.3.0 CVE
NONE 522F040F-3E67-

school-buslocation-sqli-cve_522F040F-3E67-59B4-8183-025C01D1A67B

CVE-2026-XXXXX Unauthenticated SQL Injection in School Management System — Bus Location Endpoint --- Advisory Information | Field | Value | |------...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 95D6A730-EFAD-

Exploit for CVE-2026-43503_95D6A730-EFAD-5C8A-A651-39A9ED5B00CB

DirtyClone DirtyClone is a C-based local privilege escalation LPE proof-of-concept targeting a kernel/XFRM-related vulnerability described in the s...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 7A2BFD33-83FB-

Exploit for OS Command Injection in Devcode Openstamanager_7A2BFD33-83FB-5B33-86D9-0CC82F7A488C

CVE-2025-69212 PoC - OpenSTAManager P7M Command Injection RCE Exploit Proof of Concept PoC exploit for CVE-2025-69212, an authenticated OS command ...

N/A N/A GITHUBEXPLOIT
NONE 93EFF22D-54CE-

e107-comment-sqli-cve_93EFF22D-54CE-5264-8AEA-EFBB4F5B94EB

CVE-2026-XXXXX Unauthenticated Blind SQL Injection in e107 CMS Comment System via Unsafe toDB + select Chain --- Advisory Information | Field | Val...

N/A N/A GITHUBEXPLOIT
NONE 9F909712-BD5A-

doctorpatientportal-rce-sqli-cve_9F909712-BD5A-5DA3-A1F1-6729769D94B0

CVE-2026-XXXXX Unauthenticated Arbitrary File Upload RCE + SQL Injection in Doctor Patient Portal --- Advisory Information | Field | Value | |-----...

N/A N/A GITHUBEXPLOIT