CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-57881	GV-LPC2011/LPC2211 – unauthorized stack-based buffer overflow vulnerability (vlsvr)_CVE-2026-57881 An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerab...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-57880	GV-LPC2011/LPC2211 – unauthorized buffer overflow via RTSP Digest username (ssvr)_CVE-2026-57880 An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerabi...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-57879	GV-LPC2011/LPC2211 – unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)_CVE-2026-57879 An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerabi...	GeoVision Inc.	GV-LPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	CVE-2026-57878	GV-LPC2011/LPC2211 – unauthorized buffer overflow vulnerability (thttpd)_CVE-2026-57878 An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnera...	GeoVision Inc.	GV-LPCLPC2011/2211 1.12	Jun 26, 2026	CVE
CRITICAL 9.8	8C0976A0-3F8E-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_8C0976A0-3F8E-508D-8CD5-6A5A5D01F118 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	BECF4517-38B6-	Exploit for Authentication Bypass Using an Alternate Path or Channel in Nvidia Triton_Inference_Server_BECF4517-38B6-5DC3-97A0-FDF34F1763C0 CVE-2026-24207 / 24206 — NVIDIA Triton Inference Server SageMaker & Vertex AI auth bypass Unauthenticated attackers can reach the model-management ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.8	967B93A1-932E-	Exploit for Missing Authentication for Critical Function in Oracle Peoplesoft_Enterprise_Peopletools_967B93A1-932E-5765-ABFF-5B9AE1C2F357 CVE-2026-35273-poc file clone the repo, cd into, run main.py file...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
CRITICAL 9.2	CVE-2026-9222	Setracker2 Children’s Smartwatch Ecosystem Use of password hash instead of password for authentication_CVE-2026-9222 Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend serv...	Shenzhen i365-Tech Co. Ltd.	Setracker2 Parental Control App (Android) package com.tgelec.setracker 3.1.5	Jun 25, 2026	CVE
CRITICAL 9.3	CF51C38E-52F7-	cve-research_CF51C38E-52F7-5CB5-9ACE-2BCD8F86C0BE CVE Research Notes and code from going through public CVEs that caught my attention. Each folder has a writeup of how the bug actually worked, a de...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
CRITICAL 9.4	CVE-2026-40702	EVoke Systems EVoke CSMS Missing Authentication for Critical Function_CVE-2026-40702 WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit ...	EVoke	EVoke CSMS All versions	Jun 25, 2026	CVE