news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.2	CVE-2026-35076	Arbitrary file delete vulnerability in method bac-scanresult_CVE-2026-35076 The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-cont...	MBS	Single-A V1_0_0_0	Jun 3, 2026	CVE
CRITICAL 9.3	CVE-2026-35075	Hardcoded default Password for Service Account_CVE-2026-35075 An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.	MBS	Single-A V1_0_0_0	Jun 3, 2026	CVE
MEDIUM 4.8	CVE-2026-10722	cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow_CVE-2026-10722 A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadColle...	cilium	ebpf 0.1	Jun 3, 2026	CVE
HIGH 7.3	CVE-2025-41259	SWUpdate Untrusted Script Execution via Signed Update TOCTOU_CVE-2025-41259 SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to escalate pri...	sbabic	SWUpdate	Jun 3, 2026	CVE
HIGH 7.5	F60EDCA1-3AA0-	Wazuh-Deployment-Vulnerability-Monitoring-PoC_F60EDCA1-3AA0-58CC-8AFA-A4BA4188AE01 🛡️ Wazuh Deployment & Vulnerability Monitoring PoC Overview This Proof of Concept PoC demonstrates the deployment of a fresh Wazuh Manager instance...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	SCHNEIER:E4AA1D...	AI Used to Decrypt Medieval Ciphers_SCHNEIER:E4AA1D57672F67009976BFF7A3662773 Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers.	N/A	N/A	Jun 3, 2026	SCHNEIER
NONE	THN:0253A7CE4C1...	Beyond the Zero-Day: See Your Network Like an Attacker \| Webinar with HD Moore_THN:0253A7CE4C100FD08457AE372A6A8BFF ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzZPASJ7ymlBpeDWq_d-byWp58FpBR6tdX6QfLJFFoGRHK9xB5mTbx0guIcMFKFYV87inRtJyM-cKJXI0Td5...	N/A	N/A	Jun 3, 2026	THN
NONE	HACKREAD:1B091E...	Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft_HACKREAD:1B091E00C3A0107DC2AB5D2619BD0758 Alcasec, the "Robin Hood of Spanish Hackers," is jailed for 31 months after admitting to stealing and selling Spanish citizens' banking data.	N/A	N/A	Jun 3, 2026	HACKREAD
NONE	THN:AEE9050720F...	Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)_THN:AEE9050720F4221CAE4212FDF733F7E8 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuT21gubKVL2cAsQrEiju_yAE3Pxe1IPxsl9RlGfhMEeis2IuQglnZjwTme6xM1_IJNymXFY1kZsouMGecR2...	N/A	N/A	Jun 3, 2026	THN
HIGH 8.8	9E8F733F-521E-	Exploit for Write-what-where Condition in Linux Linux_Kernel_9E8F733F-521E-504B-886D-5E1C5BC369E4 Local privilege escalation / Container escape: CVE-2026-43284 / CVE-2026-43500 Usage: CGOENABLED=0; go build -ldflags="-s -w" -o dirtyfrag ../dirty...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT