Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-9263	Out-of-bounds read in Bluetooth Controller ISOAL framed RX reassembly leaks adjacent memory into host HCI ISO packets_CVE-2026-9263 The Zephyr Bluetooth controller ISO Adaptation Layer (subsys/bluetooth/controller/ll_sw/isoal.c) fails to validate the length field of a framed ISO...	zephyrproject	zephyr 3.3.0	Jun 30, 2026	CVE
HIGH 7.3	CVE-2026-8864	HP Fan Control App – Potential Escalation of Privilege_CVE-2026-8864 The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mit...	HP Inc.	HP Fan Control App	Jun 30, 2026	CVE
HIGH 8.1	CVE-2026-58377	JeecgBoot 3.9.2 – Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret Keys_CVE-2026-58377 JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, ...	jeecgboot	JeecgBoot	Jun 30, 2026	CVE
HIGH 7.6	CVE-2026-58376	Dolibarr – SQL Injection via sqlfilters Parameter in Multiple REST API List Endpoints_CVE-2026-58376 Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrar...	Dolibarr	dolibarr	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-58138	Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators_CVE-2026-58138 Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbit...	conductor-oss	conductor 3.21.21	Jun 30, 2026	CVE
HIGH 7.2	CVE-2026-10513	Webmention <= 5.8.0 - Unauthenticated Stored Cross-Site Scripting via MF2 'photo'/'url' Author Properties_CVE-2026-10513 The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' ...	pfefferle	Webmention	Jun 30, 2026	CVE
NONE	871DDD96-CF98-	stack-buffer-overflow-lab_871DDD96-CF98-5B7C-99B6-28D1C125145C Stack Buffer Overflow Lab Overview This project demonstrates a stack-based buffer overflow vulnerability and explores how memory corruption can be ...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 8.8	28C8120C-CE6C-	Exploit for Write-what-where Condition in Linux Linux_Kernel_28C8120C-CE6C-515B-80F8-7917AC287FB6 CVE-KERNEL · Linux Kernel LPE Chain Multi-CVE Local Privilege Escalation chain for Linux kernel vulnerabilities uid=1000 → root via xfrm-ESP, RxRPC...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
NONE	MSSECURE:93863E...	Securing AI agents: When AI tools move from reading to acting_MSSECURE:93863E78310BB5B0C475322E2563973E In this article 1. From reading to acting 2. Attack pattern: MCP tool poisoning in a finance workflow 3. Mitigation and protection guidance ...	N/A	N/A	Jun 30, 2026	MSSECURE
NONE	MSSECURE:15844A...	What’s new in Microsoft Security: June 2026_MSSECURE:15844A384550CB9DFB48EEF32BA85C92 As organizations scale AI and agents across environments, security teams need protection that covers every surface. The Microsoft vision is simple:...	N/A	N/A	Jun 30, 2026	MSSECURE