Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

141 New today
59,310 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
26
Jun 4
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.4 CVE-2026-49194

SCREEN_CLICK Authentication Bypass_CVE-2026-49194

The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive s...

Acer Connect M6E 5G Portable WiFi Router * CVE
HIGH 8.7 CVE-2026-49193

Publicly Readable AWS S3 Telemetry Buckets_CVE-2026-49193

Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet.

Acer Connect M6E 5G Portable WiFi Router * CVE
MEDIUM 5.3 CVE-2026-49192

Summary Service Insecure Direct Object Reference_CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device...

Acer Connect M6E 5G Portable WiFi Router * CVE
CRITICAL 9.3 CVE-2026-49191

Exposed Hard-coded M3WebServer Backend API Key_CVE-2026-49191

The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages.

Acer Connect M6E 5G Portable WiFi Router * CVE
CRITICAL 9.4 CVE-2026-49190

Missing Per-Instruction Authorization Checks_CVE-2026-49190

The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application instal...

Acer Connect M6E 5G Portable WiFi Router * CVE
NONE THN:1914490991B...

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets_THN:1914490991B466716EED3AB4A2342670

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTf5wAHnoXtVauiln2MwlVvLc4LxcL8SBTLuW648LfFhUd8QyuOUfjmg0Hd91QlksmWF2u-PQhxHDTDmseMI...

N/A N/A THN
CRITICAL 9.8 021063E9-0EFC-

Exploit for SQL Injection in Wpdeveloper Notificationx_021063E9-0EFC-5BB3-A717-3C9223961E61

CVE-2024-1698 – NotificationX WordPress Plugin SQL Injection Time‑Based Blind Unauthenticated Time‑Based Blind SQL Injection → Extract admin userna...

N/A N/A GITHUBEXPLOIT
NONE 74A7BA4E-D496-

Exploit for CVE-2026-49975_74A7BA4E-D496-587B-A72A-FA0BE663F994

CVE-2026-49975 — HTTP/2 Bomb PoC Proof-of-concept exploit for CVE-2026-49975, a remote denial-of-service vulnerability in HTTP/2 server implementat...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.8 CVE-2026-46447

CVE-2026-46447_CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.

OpenStack Ironic 17.0.0 CVE