Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.5	CVE-2026-44022	Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....	docling-project	docling >= 2.73.0, < 2.91.0	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-44020	Docling: Unsafe XML Entity Expansion in USPTO Patent Backend_CVE-2026-44020 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2....	docling-project	docling >= 2.13.0, < 2.74.0	Jun 24, 2026	CVE
HIGH 7.5	CVE-2026-44017	Docling: Unsafe Zip Extraction in EasyOCR Model Download_CVE-2026-44017 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the...	docling-project	docling < 2.91.0	Jun 24, 2026	CVE
HIGH 8.2	CVE-2026-44016	Docling: Unsafe Playwright-based HTML Rendering_CVE-2026-44016 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82...	docling-project	docling >= 2.82.0, < 2.91.0	Jun 24, 2026	CVE
HIGH 7.5	PACKETSTORM:224227	📄 HTTP.sys HTTP/2 Denial of Service_PACKETSTORM:224227 This advisory provides simple proof of concept details to trigger the HTTP/2 denial of service condition related to malformed Accept-Encoding heade...	N/A	N/A	Jun 24, 2026	PACKETSTORM
HIGH 10	DC8CF54B-5E0D-	pentest-metasploit_DC8CF54B-5E0D-55F4-B5C1-920406A0FF9F Penetration Testing with Metasploit A structured penetration testing automation framework developed by Aadarsh Bonthula as part of a cybersecurity ...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 10	THN:36AE22FA31D...	CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited_THN:36AE22FA31D6D2AC6781F7FB8DEED534 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjZtIkR9YS2fMY5MvIzgyEShmJAP1bgHqhBdU115iSY7WZ2EcBAbFKb1OQP6Nq8hoF4HlnRifxW890ztCcne...	N/A	N/A	Jun 24, 2026	THN
NONE	MALWAREBYTES:B6...	Watch out for renewal scams pretending to be Malwarebytes_MALWAREBYTES:B676169C29D86A2482A9B5FF7B0079BF Fake subscription renewal notices are doing the rounds again. Some of these scams impersonate Malwarebytes, and we've also seen them reach our cust...	N/A	N/A	Jun 24, 2026	MALWAREBYTES
NONE	AKAMAIBLOG:7719...	Agentic Disconnect: The Latency Crisis Facing Modern AI Architecture_AKAMAIBLOG:77195A7A6163C40EBA50663B96454FF6 {“lastseen”:”2026-06-24T15:36:50″,”description”:””,”published”:”2026-06-24T15:00:...	N/A	N/A	Jun 24, 2026	AKAMAIBLOG
NONE	HACKREAD:E22B93...	New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector_HACKREAD:E22B933FD8A720970D5E26F2221C9E54 Researchers warn GhostShell is using fake drone documents to target Ukrainian defence teams, stealing passwords and sensitive data in a new cyber c...	N/A	N/A	Jun 24, 2026	HACKREAD