Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

143 New today
59,294 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
10
Jun 4
Critical
High
Medium
Low
Latest
QUALYSBLOG

Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD

* * * #### Executive Summary _Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery network, cutting patch propagation by up to 92%, reducing WAN bandwidth by 99%+, and helping close critical vulnerabilities before at...

QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE 8D02FC42-E11E-

ParamStriker_8D02FC42-E11E-5436-870C-E4CD77B99D8D

ParamStriker Offline JSON & Query Parameter Exploit Framework by Mohnad Alshobaili · X: @Mohnad ParamStriker is a offensive, offline payload-genera...

N/A N/A GITHUBEXPLOIT
NONE D2A2BDA2-A827-

Exploit for CVE-2026-35904_D2A2BDA2-A827-5C81-ACD9-A68148EC42CC

T3 Technology CPE — Security Advisories Multiple critical vulnerabilities discovered in T3 Technology CPE ONU/Router devices deployed by TrueOnline...

N/A N/A GITHUBEXPLOIT
HIGH 7.7 THN:080A0E674D1...

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag_THN:080A0E674D16A0E41BA6F5E8E1F2D4E0

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_pEYWDRVadGL0WYM3iSY6jqFgBez8snXgoyeyAzcXNmxiytv-FgiKoBJX3aPivuYhSJjXp4o_zO1dQSIPUf...

N/A N/A THN
NONE FEF41599-6B58-

1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291

1-Click GitHub Token Stealing via VSCode Proof-of-Concept exploit for a critical VS Code zero-day vulnerability that allows attackers to steal GitH...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.3 CVE-2026-35716

CVE-2026-35716_CVE-2026-35716

A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...

n/a n/a n/a CVE
HIGH 7.3 CVE-2026-30649

CVE-2026-30649_CVE-2026-30649

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component

n/a n/a n/a CVE
LOW 3.1 CVE-2026-8404

Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match ...

djangoproject Django 6.0 CVE
LOW 3.1 CVE-2026-7666

Potential unencrypted email transmission via STARTTLS in the SMTP backend_CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent ...

djangoproject Django 6.0 CVE
LOW 3.1 CVE-2026-6873

Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie_CVE-2026-6873

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injectiv...

djangoproject Django 6.0 CVE