CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	TALOSBLOG:7A5EA...	Beyond IOCs: AI-enabled threat intelligence_TALOSBLOG:7A5EACBCE90B3C23AAD5D9F502830B62 ![Beyond IOCs: AI-enabled threat intelligence](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/threat_...	N/A	N/A	Jun 25, 2026	TALOSBLOG
CRITICAL 9.3	CF51C38E-52F7-	cve-research_CF51C38E-52F7-5CB5-9ACE-2BCD8F86C0BE CVE Research Notes and code from going through public CVEs that caught my attention. Each folder has a writeup of how the bug actually worked, a de...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	2DBFA02A-1FF8-	pentest-cheatsheet_2DBFA02A-1FF8-528D-8CBD-0BB4657AC723 pentest-cheatsheet Commands, techniques and notes for penetration testing — web, AD, network, post-exploitation. Pentest Cheatsheet Commands, techn...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
MEDIUM 6	CVE-2026-6731	X.509 name constraint bypass via Subject CN treated as a DNS name_CVE-2026-6731 X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's D...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
LOW 1	CVE-2026-6681	PKCS#7 decode ignores caller output buffer size, writing past buffer bounds_CVE-2026-6681 The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the pro...	wolfSSL	wolfSSL 3.10.0	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-6679	DTLS 1.3 ACK serialization heap buffer overflow via integer truncation_CVE-2026-6679 A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due ...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
LOW 1	CVE-2026-6678	Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info_CVE-2026-6678 Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption.	wolfSSL	wolfSSL 3.15.5	Jun 25, 2026	CVE
LOW 1	CVE-2026-6450	CRL critical extension bypass in ParseCRL_Extensions_CVE-2026-6450 A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an u...	wolfSSL	wolfSSL 4.3.0	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-6412	Continued acceptance of SHA-1/MD5 digests in certificate processing_CVE-2026-6412 Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56445	pydicom pynetdicom Library Path Traversal_CVE-2026-56445 The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitizat...	pydicom	pynetdicom Library 1.0.0	Jun 25, 2026	CVE