Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.1 CVE-2026-35193

Potential exposure of private data via missing Vary: Authorization in UpdateCacheMiddleware_CVE-2026-35193

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `A...

djangoproject Django 6.0 CVE
LOW 1.2 CVE-2026-10729

HTML injection in the notification email for “Slow Redirect” and “Cloned Website” Canarytokens_CVE-2026-10729

An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research ...

Thinkst Applied Research Canarytokens sha-c42435e CVE
HIGH 10 2D33D81A-E898-

Exploit for Improper Access Control in Proftpd_2D33D81A-E898-5537-AD2E-9F2BC986C1A4

OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-World Simulation: FTP Service Exploitation ProFTPD CVE-2015-3306 Real-World Simulation...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 93A59886-B99C-

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware_93A59886-B99C-532C-9C2C-E718BDD5A455

No description provided...

N/A N/A GITHUBEXPLOIT
NONE HACKREAD:93443D...

China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware_HACKREAD:93443D81D99E6FE7DD468FCD1243129A

Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits theme...

N/A N/A HACKREAD
NONE MALWAREBYTES:F8...

Keep getting calls from questionable numbers? Meet Scam Number Check_MALWAREBYTES:F86523D3C4E39D1DC663BAAB70640D79

Have you ever gotten a phone call and had a gut feeling that those random digits looked extra suspicious? It happens to millions of people every da...

N/A N/A MALWAREBYTES
HIGH 8.8 THN:280C3ABDE44...

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)_THN:280C3ABDE4442D135F19D04EF30131D6

N/A N/A THN
NONE THN:85408B68817...

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens_THN:85408B688171B629462ECA4B4523594A

N/A N/A THN
MEDIUM 6.3 CVE-2026-35717

CVE-2026-35717_CVE-2026-35717

A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers ...

n/a n/a n/a CVE
HIGH 8.7 CVE-2026-35085

Stack buffer overflow in method gdv-serverconfig_CVE-2026-35085

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root.

MBS Single-A V1_0_0_0 CVE