Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.1	CVE-2026-10654	RFCOMM session-disconnect race leaks session/L2CAP and denies further RFCOMM service in Zephyr Bluetooth Classic_CVE-2026-10654 A race condition in the Zephyr Bluetooth Classic RFCOMM host stack (subsys/bluetooth/host/classic/rfcomm.c) mishandles a simultaneous bidirectional...	zephyrproject	zephyr 1.6.0	Jun 30, 2026	CVE
MEDIUM 6.4	CVE-2026-10653	Non-atomic `net_buf` reference counts cause double-free / free-list corruption under concurrent unref_CVE-2026-10653 The Zephyr net_buf library (lib/net_buf/buf.c) manipulated both of its reference counts -- the per-header buf->ref and the per-data-block ref_count...	zephyrproject	zephyr 2.7.0	Jun 30, 2026	CVE
MEDIUM 4.8	CVE-2026-10652	Out-of-bounds read in Zephyr DNS resolver TXT/SRV record parsing (unvalidated `rdlength`)_CVE-2026-10652 Zephyr's DNS resolver (subsys/net/lib/dns) parses resource records from DNS responses in dns_unpack_answer(), which validated only the fixed RR hea...	zephyrproject	zephyr 4.3.0	Jun 30, 2026	CVE
NONE	HACKREAD:2E8596...	Reflectiz to Host Webinar, Joined by Taboola, on Securing Third-Party Marketing in the AI Era_HACKREAD:2E859658988934BC644C9FFFAFC65D81 Boston, Massachusetts, 30th June 2026, CyberNewswire	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	MALWAREBYTES:55...	Update time: Apple releases security patches for iOS, MacOS Tahoe, Safari_MALWAREBYTES:552F53C2A5C5D4124301419736747734 Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, Mac...	N/A	N/A	Jun 30, 2026	MALWAREBYTES
NONE	HACKREAD:63F08F...	NDSS Symposium Heads to Seoul in 2027 to Expand Global Cybersecurity Collaboration_HACKREAD:63F08F11AF4999B54D4C576D772A9198 DC, United States, 30th June 2026, CyberNewswire	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	HACKREAD:C88ABD...	Hackers Use Fake FIFA World Cup 2026 T-Shirt Offers to Spread Voidrift Malware_HACKREAD:C88ABDC30C1E80F03703CD1ACBFC49F0 A fake FIFA World Cup 2026 T-shirt giveaway scam is spreading Voidrift malware through personalized emails using company logos and trusted websites...	N/A	N/A	Jun 30, 2026	HACKREAD
NONE	THN:5DAB0877EE6...	Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses_THN:5DAB0877EE6A2238A848D066E5E917B7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfz8WYO9wONzogh2V8g9VorZ8Ab_nAUZMD7rOM9xrVUhg3cbKGA5zc73PGQiAkbsNgY-qbm2AFAUjBdeMcpe...	N/A	N/A	Jun 30, 2026	THN
CRITICAL 9.8	THN:18D5B5F2FBD...	Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints_THN:18D5B5F2FBD829B5E2123067D35CAF01 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA2GvsvmPnHZF-e1GDbhOVW4DxQZr79HzSMLp7-YKaA9DC-V2fVo6cmBig0bxUxWjK0Kz1mTm2Cmg6CrjaKg...	N/A	N/A	Jun 30, 2026	THN
CRITICAL 10	8AC491E4-591B-	Exploit for Improper Access Control in Widgetfactorylimited Jce_8AC491E4-591B-5C56-8013-7E0DC7148722 CVE-2026-48907 — Joomla JCE Unauthenticated RCE Lab PSsec Educational security research lab for CVE-2026-48907. --- Overview CVE-2026-48907 is a cr...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT