Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MSSECURE:A4C90F...	StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them_MSSECURE:A4C90F6D8F83B1BF96EC12CDFC5FC84E In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-serv...	N/A	N/A	Jun 24, 2026	MSSECURE
NONE	MSSECURE:0C0117...	Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:0C0117AE434E10AACC147291C44D651A The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...	N/A	N/A	Jun 25, 2026	MSSECURE
NONE	TALOSBLOG:7A5EA...	Beyond IOCs: AI-enabled threat intelligence_TALOSBLOG:7A5EACBCE90B3C23AAD5D9F502830B62 ![Beyond IOCs: AI-enabled threat intelligence](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/threat_...	N/A	N/A	Jun 25, 2026	TALOSBLOG
CRITICAL 9.3	CF51C38E-52F7-	cve-research_CF51C38E-52F7-5CB5-9ACE-2BCD8F86C0BE CVE Research Notes and code from going through public CVEs that caught my attention. Each folder has a writeup of how the bug actually worked, a de...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	2DBFA02A-1FF8-	pentest-cheatsheet_2DBFA02A-1FF8-528D-8CBD-0BB4657AC723 pentest-cheatsheet Commands, techniques and notes for penetration testing — web, AD, network, post-exploitation. Pentest Cheatsheet Commands, techn...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
MEDIUM 6	CVE-2026-6731	X.509 name constraint bypass via Subject CN treated as a DNS name_CVE-2026-6731 X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's D...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
LOW 1	CVE-2026-6681	PKCS#7 decode ignores caller output buffer size, writing past buffer bounds_CVE-2026-6681 The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the pro...	wolfSSL	wolfSSL 3.10.0	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-6679	DTLS 1.3 ACK serialization heap buffer overflow via integer truncation_CVE-2026-6679 A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due ...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
LOW 1	CVE-2026-6678	Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info_CVE-2026-6678 Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption.	wolfSSL	wolfSSL 3.15.5	Jun 25, 2026	CVE
LOW 1	CVE-2026-6450	CRL critical extension bypass in ParseCRL_Extensions_CVE-2026-6450 A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an u...	wolfSSL	wolfSSL 4.3.0	Jun 25, 2026	CVE