Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

58 New today
62,192 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
354
Jun 4
517
Jun 5
109
Jun 6
32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
51
Jun 13
Critical
High
Medium
Low
Latest
CVE CVSS 7.2

Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie_CVE-2026-5513

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This ma...

CVE-2026-5513 ladela Online Scheduling and Appointment Booking System – Bookly
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE C5449C27-7E72-

vader-toctou_C5449C27-7E72-529E-BB3B-A2BECFAFBE53

OPERATION VADER — TOCTOU EXPLOITATION SYLLABUS OPERATIONS ORDER 001-26 VADER Classification: UNCLASSIFIED // ACADEMIC USE ONLY DTG: 130600Z JUN 202...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 1B1A3142-CD90-

Exploit for Improper Access Control in Getgrav Grav-Plugin-Admin_1B1A3142-CD90-5BA0-A772-AC630842FD7C

CVE-2021-21425 - GravCMS Unauthenticated RCE Unauthenticated Remote Code Execution exploit for GravCMS Custom command python3 exploit.py -t http://...

N/A N/A GITHUBEXPLOIT
HIGH 7.8 A0F6718E-3F97-

Exploit for Code Injection in Exiftool_Project Exiftool_A0F6718E-3F97-524C-8420-8BD056FE6751

CVE-2021-22204 - ExifTool Arbitrary Code Execution An upgraded exploit for CVE-2021-22204, a vulnerability in ExifTool versions 7.44 through 12.23 ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 A1D50DD6-435E-

Exploit for CVE-2026-6279_A1D50DD6-435E-5B9D-933B-23BDA38B2B7B

Description This Python script is an exploit tool for CVE-2026-6279 targeting Avada Builder = 3.15.2. Key behavior: scans targets for fusionloadnon...

N/A N/A GITHUBEXPLOIT
MEDIUM 4.3 CVE-2026-1291

Meow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creation_CVE-2026-1291

The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint...

tigroumeow Meow Gallery CVE
CRITICAL 9.4 CVE-2026-11624

CVE-2026-11624_CVE-2026-11624

The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebin...

Google MCP Toolbox for Databases CVE
HIGH 7.5 F82812B2-209D-

Exploit for CVE-2026-11450_F82812B2-209D-560F-A047-2C5FA823E1FD

GL.iNet Beryl AX Triple RCE PoC PoC for three unauthenticated command injection vulnerabilities CVE-2026-11450, CVE-2026-11451, CVE-2026-11452 in t...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.4 CVE-2026-9134

Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_attribute_key' Shortcode Parameter_CVE-2026-9134

The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attribute_key' shortcode parameter in versions up ...

fooplugins Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel CVE
HIGH 7.2 CVE-2026-9109

GPTranslate <= 2.31 - Unauthenticated Stored Cross-Site Scripting via REST API Translation Storage_CVE-2026-9109

The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Si...

john-dagelmore GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites CVE