MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-34030	Improper branch-code validation in Wertheim SafeController Software allows file path manipulation_CVE-2026-34030 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created....	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 6.8	CVE-2026-34029	Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data_CVE-2026-34029 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Sec...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-34028	Unauthenticated direct access to web data in Wertheim SafeController Software exposes files_CVE-2026-34028 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-34027	Upload restriction bypass in Wertheim SafeController Software allows authenticated users to upload arbitrary files_CVE-2026-34027 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /safe/contract...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-34025	IP restriction bypass in Wertheim SafeController Software allows logins from unauthorized network locations_CVE-2026-34025 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. The ap...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-44188	Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration_CVE-2026-44188 A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persis...	Red Hat	Red Hat Ansible Automation Platform 2.7 1781025813	Jun 15, 2026	CVE
MEDIUM 4.4	E2CF04E5-7B2B-	Exploit for CVE-2026-48849_E2CF04E5-7B2B-56AE-BB11-79D1448AB6ED CVE-2026-48849 - Stored XSS, HTML Injection & CSS Injection in Roundcube Webmail Overview This repository contains a Proof-of-Concept PoC for CVE-2...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT
MEDIUM 4.8	CVE-2026-12216	svaarala duktape duk_api_bytecode.c memory corruption_CVE-2026-12216 A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_api_bytecode.c. Execut...	svaarala	duktape 2.99.0	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12213	hcengineering Huly Platform User Information operations.ts getAccountInfo improper authorization_CVE-2026-12213 A vulnerability was found in hcengineering Huly Platform up to 0.7.0. Affected by this vulnerability is the function getAccountInfo of the file ser...	hcengineering	Huly Platform 0.1	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-12212	hcengineering Huly Platform RPC operations.ts getMailboxSecret access control_CVE-2026-12212 A vulnerability has been found in hcengineering Huly Platform up to 0.7.0. Affected is the function getMailboxSecret of the file server/account/src...	hcengineering	Huly Platform 0.1	Jun 15, 2026	CVE