❌

Normal view

SEC Consult SA-20260615-1 :: Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller)

16 June 2026 at 08:56

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260615-1 >
=======================================================================
title: Multiple Vulnerabilities
Β  Β  Β  Β  Β  product: Wertheim SafeController Hardware for VAULT ROOMS
(Safe Deposit Locker System – Microcontroller)
vulnerable version: Controller 65000 - AssemblyVersion 6.11.8130.22319
Β  Β  Β  Β  Β  Β  Β  Β  Β  Β  Controller...

SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)

16 June 2026 at 08:56

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260615-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: Wertheim SafeController Software for VAULT ROOMS
(Safe Deposit Locker System)
vulnerable version: AssemblyVersion 6.15.8328.28014
fixed version: No information provided by vendor
CVE number:...

SEC Consult SA-20260610-0 :: Local Privilege Escalation in Slate Digital Connect (macOS)

16 June 2026 at 08:56

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260610-0 >
=======================================================================
title: Local Privilege Escalation
product: Slate Digital Connect (macOS)
Β vulnerable version: 1.37.0
fixed version: -
CVE number: CVE-2026-24066, CVE-2026-24067
Β  Β  Β  Β  Β  Β  Β impact: high
homepage:...

SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio - Waves Central

16 June 2026 at 08:56

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15

SEC Consult Vulnerability Lab Security Advisory < 20260609-0 >
=======================================================================
title: Multiple Local Privilege Escalation Vulnerabilities
product: Waves Audio - Waves Central
vulnerable version: v13.0.8 - v16.6.0
Β  Β  Β  fixed version: v16.6.2
Β  Β  Β  Β  Β CVE number: CVE-2026-24064, CVE-2026-24065
Β  Β  Β  Β  Β  Β  Β impact: high...

[KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability

16 June 2026 at 08:54

Posted by Egidio Romano on Jun 15

-----------------------------------------------------------------------
Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability
-----------------------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260610.
Older X3.4 and X3.5 releases may be affected too.

[-] Vulnerability Description:

A Local File Inclusion (LFI)...

[KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability

16 June 2026 at 08:54

Posted by Egidio Romano on Jun 15

------------------------------------------------------
Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability
------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260610.
Older X3.4 and X3.5 releases may be affected too.

[-] Vulnerability Description:

A security weakness in the CAPTCHA implementation of Discuz! allows
automated...

[KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability

16 June 2026 at 08:54

Posted by Egidio Romano on Jun 15

-------------------------------------------------------------
Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability
-------------------------------------------------------------

[-] Software Link:

https://www.discuz.vip

[-] Affected Versions:

Version X5.0, releases 20260320 through 20260501.

[-] Vulnerability Description:

The vulnerable code is located within the /config/config_ucenter.php
configuration file:...

SEC Consult SA-20260608-0 :: Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products

9 June 2026 at 07:32

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 08

SEC Consult Vulnerability Lab Security Advisory < 20260608-0 >
=======================================================================
title: Privilege Escalation via Binary Planting
Β  Β  Β  Β  Β  Β  product: Genetec-provided RabbitMQ in multiple Genetec products
vulnerable version: Multiple products, see below.
Β  Β  Β  fixed version: Multiple products, see below.
CVE number: CVE-2026-25112
Β  Β  Β  Β  Β  Β ...

[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping

9 June 2026 at 07:31

Posted by Moritz Bechler via Fulldisclosure on Jun 08

Advisory ID: SYSS-2026-004
Product: SAP NetWeaver ABAP / SAP_BASIS
Manufacturer: SAP SE
Affected Version(s): SAP_BASIS 700 - 918
Tested Version(s): 7.93 Patch 300
Vulnerability Type: CWE-347: Improper Verification of Cryptographic Signature
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2025-11-06
Solution Date: 2026-02-10...
❌