Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

304 New today

62,164 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

May 31

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

109

Jun 6

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Critical

High

Medium

Low

Latest

CVE CVSS 6.4

Operator – Namespaced User Path Traversal_CVE-2026-11769

We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. ### Summary The Grafana Operator supports loading dashboards & library panels us...

CVE-2026-11769 Grafana Grafana Operator

Jun 13, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	2B7EC0E8-7984-	Exploit for CVE-2026-22356_2B7EC0E8-7984-5387-91E5-615EAC92E0E1 CVE-2026-22356 CVE-2026-22356: Jetpack CRM Path Traversal Vulnerability and RCE Kullanım Kılavuzu Aşağıdaki kullanım örneklerini yalnızca yetkili t...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
NONE	08DA759F-8360-	web-vulnerability-scanner_08DA759F-8360-516C-8014-413DE29094D7 No description provided...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
HIGH 7.5	C2EB4AA1-0C70-	Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server_C2EB4AA1-0C70-5104-AF4C-BC274F5A5B7A http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destructive vulnerability detection tool — for Nginx / Apache httpd Vulnerability Background CVE...	N/A	N/A	Jun 13, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-9848	WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter_CVE-2026-9848 The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, ...	emarket-design	Customer Support Ticket System & Helpdesk	Jun 13, 2026	CVE
MEDIUM 5.5	CVE-2026-54231	Abrt: unsanitized systemd journal content written to dump directory files enables content injection_CVE-2026-54231 A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journa...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 7	CVE-2026-54230	Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites_CVE-2026-54230 A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shel...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 7	CVE-2026-54229	Abrt: chownproblemdir succeeds during active post-create event processing due to inadequate locking_CVE-2026-54229 A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY ...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
HIGH 7.8	CVE-2026-54228	Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories_CVE-2026-54228 A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation a...	Red Hat	Red Hat Enterprise Linux 6	Jun 13, 2026	CVE
MEDIUM 4.9	CVE-2026-12089	WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read_CVE-2026-12089 The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and includin...	aurelienlws	LWS Optimize – All-in-One Speed Booster & Cache Tools	Jun 13, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Operator – Namespaced User Path Traversal_CVE-2026-11769

Recent Advisories

Exploit for CVE-2026-22356_2B7EC0E8-7984-5387-91E5-615EAC92E0E1

web-vulnerability-scanner_08DA759F-8360-516C-8014-413DE29094D7

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server_C2EB4AA1-0C70-5104-AF4C-BC274F5A5B7A

WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter_CVE-2026-9848

Abrt: unsanitized systemd journal content written to dump directory files enables content injection_CVE-2026-54231

Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites_CVE-2026-54230

Abrt: chownproblemdir succeeds during active post-create event processing due to inadequate locking_CVE-2026-54229

Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories_CVE-2026-54228

WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read_CVE-2026-12089

Protect Your Attack Surface with RedGem

Security Intelligence
Feed