Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-13482	skypilot-org skypilot User ID server.py username.encode weak hash_CVE-2026-13482 A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the...	skypilot-org	skypilot 0.1	Jun 28, 2026	CVE
HIGH 7.4	CVE-2026-10646	Use-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellation_CVE-2026-10646 Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct...	zephyrproject	zephyr 4.0.0	Jun 28, 2026	CVE
MEDIUM 4.2	CVE-2026-10644	Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer_CVE-2026-10644 The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in i...	zephyrproject	zephyr 4.4.0	Jun 28, 2026	CVE
MEDIUM 6.5	CVE-2026-10593	Remotely triggerable NULL-pointer dereference in Bluetooth LE Audio BAP unicast client QoS-state handling_CVE-2026-10593 The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_s...	zephyrproject	zephyr 4.3.0	Jun 28, 2026	CVE
NONE	522F040F-3E67-	school-buslocation-sqli-cve_522F040F-3E67-59B4-8183-025C01D1A67B CVE-2026-XXXXX Unauthenticated SQL Injection in School Management System — Bus Location Endpoint --- Advisory Information \| Field \| Value \| \|------...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
HIGH 8.8	95D6A730-EFAD-	Exploit for CVE-2026-43503_95D6A730-EFAD-5C8A-A651-39A9ED5B00CB DirtyClone DirtyClone is a C-based local privilege escalation LPE proof-of-concept targeting a kernel/XFRM-related vulnerability described in the s...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
CRITICAL 9.4	7A2BFD33-83FB-	Exploit for OS Command Injection in Devcode Openstamanager_7A2BFD33-83FB-5B33-86D9-0CC82F7A488C CVE-2025-69212 PoC - OpenSTAManager P7M Command Injection RCE Exploit Proof of Concept PoC exploit for CVE-2025-69212, an authenticated OS command ...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
NONE	93EFF22D-54CE-	e107-comment-sqli-cve_93EFF22D-54CE-5264-8AEA-EFBB4F5B94EB CVE-2026-XXXXX Unauthenticated Blind SQL Injection in e107 CMS Comment System via Unsafe toDB + select Chain --- Advisory Information \| Field \| Val...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
NONE	9F909712-BD5A-	doctorpatientportal-rce-sqli-cve_9F909712-BD5A-5DA3-A1F1-6729769D94B0 CVE-2026-XXXXX Unauthenticated Arbitrary File Upload RCE + SQL Injection in Doctor Patient Portal --- Advisory Information \| Field \| Value \| \|-----...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT
HIGH 8.8	1C0E4383-9787-	Exploit for CVE-2025-56399_1C0E4383-9787-58E2-A56F-70D9888E6255 Laravel FileManager Unrestricted File Upload CVE-2025-56399 CWE-434: Unrestricted Upload of File with Dangerous Type CVSS Score: 8.5 High --- 📋 De...	N/A	N/A	Jun 28, 2026	GITHUBEXPLOIT