Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

58 New today

62,192 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

May 31

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

109

Jun 6

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

Capgo < 12.128.2 - Orphaned File Retention via Profile Image Replacement_CVE-2026-53867

Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unauthorized retrieval of user-uploaded content.

CVE-2026-53867 Cap-go capgo

Jun 12, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6	CVE-2026-53839	OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation_CVE-2026-53839 OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of ex...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6	CVE-2026-53838	OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection_CVE-2026-53838 OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope d...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6.3	CVE-2026-53837	OpenClaw < 2026.5.6 - Missing Channel Type Validation in Mattermost Event Handlers_CVE-2026-53837 OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel type metadat...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53836	OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases_CVE-2026-53836 OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encode...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
LOW 2.3	CVE-2026-53835	OpenClaw < 2026.5.6 - Config-Write Enforcement Bypass in Feishu Dynamic-Agent Bindings_CVE-2026-53835 OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allows authenticated sende...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.2	CVE-2026-53834	OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands_CVE-2026-53834 OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to ...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.4	CVE-2026-53833	OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command_CVE-2026-53833 OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate...	QQBot	QQBot	Jun 12, 2026	CVE
HIGH 7.4	CVE-2026-53832	OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration_CVE-2026-53832 OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity hea...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.6	CVE-2026-53831	OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist_CVE-2026-53831 OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to mo...	OpenClaw	OpenClaw	Jun 12, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Capgo < 12.128.2 - Orphaned File Retention via Profile Image Replacement_CVE-2026-53867

Recent Advisories

OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation_CVE-2026-53839

OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection_CVE-2026-53838

OpenClaw < 2026.5.6 - Missing Channel Type Validation in Mattermost Event Handlers_CVE-2026-53837

OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases_CVE-2026-53836

OpenClaw < 2026.5.6 - Config-Write Enforcement Bypass in Feishu Dynamic-Agent Bindings_CVE-2026-53835

OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands_CVE-2026-53834

OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command_CVE-2026-53833

OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration_CVE-2026-53832

OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist_CVE-2026-53831

Protect Your Attack Surface with RedGem

Security Intelligence
Feed