Recent Advisories

Severity ID Title Vendor Product Date Type
NONE THN:1512AE50F60...

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study_THN:1512AE50F60F6C5C9F6F79FEAEDA6FED

N/A N/A THN
MEDIUM 6.9 CVE-2026-35097

Weak Password Requirements in KTM System e-BOK_CVE-2026-35097

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended chara...

KTM System e-BOK CVE
MEDIUM 5.1 CVE-2026-35096

Cross-Site Request Forgery (CSRF) in KTM System e-BOK_CVE-2026-35096

KTM System e-BOK is vulnerable to Cross‑Site Request Forgery (CSRF) in both the email-change and password-change functionalities. An attacker can c...

KTM System e-BOK CVE
MEDIUM 4.8 CVE-2026-35095

Session fixation in KTM System e-BOK_CVE-2026-35095

KTM System e-BOK allows the session identifier to be set by the client prior to authentication. If a cookie with a valid name is set, its value rem...

KTM System e-BOK CVE
MEDIUM 5.9 CVE-2026-14178

openGauss: illegal memory access leading to a DoS vulnerability_CVE-2026-14178

When openGauss processes a to_timestamp call with an NLS parameter, to_timestamp_with_fmt_nls() saves nls_fmt_str to u_sess->parser_cxt.nls_fmt_str. In seqscan +...

openGauss-server openGauss-server-7.0.0-RC2 openGauss-server-7.0.0-RC2 CVE
CRITICAL 9.8 0EB7005F-1AF8-

Nessus-CVE-POC-Finder_0EB7005F-1AF8-5D82-BFB3-0885D0E7AA8B

Nessus-CVE-POC-Finder Python script to parse .nessus file, extract CVE numbers, and search for exploits using "searchsploit". Usage usage: Nessus-C...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 DCB07824-2947-

Exploit for Improper Authentication in Oracle E-Business_Suite_DCB07824-2947-51F9-8738-1630098A0772

CVE-2026-46817 Proof of Concept Oracle E-Business Suite File Transmission Path Traversal --- ⚠️ LEGAL DISCLAIMER THIS SOFTWARE IS PROVIDED FOR EDUC...

N/A N/A GITHUBEXPLOIT
NONE H1:3833577

curl: heap-use-after-free in curl_easy_cleanup() called from callback_H1:3833577

## Summary: `Curl_close()` (`lib/url.c:214`) calls `curl_multi_remove_handle(data->multi, data)` and ignores the return value. When `curl_easy_cle...

N/A N/A HACKERONE
MEDIUM 6.5 CVE-2026-51219

CVE-2026-51219_CVE-2026-51219

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denia...

n/a n/a n/a CVE
HIGH 7.5 CVE-2026-49434

Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker_CVE-2026-49434

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or...

Apache Software Foundation Apache ActiveMQ Broker CVE