Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

141 New today

59,310 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT

1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291

1-Click GitHub Token Stealing via VSCode Proof-of-Concept exploit for a critical VS Code zero-day vulnerability that allows attackers to steal GitHub OAuth tokens and gain full read/write access to private repositories with a single link click. Based...

FEF41599-6B58-5BDB-BB48-0E38230B7291

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-35716	CVE-2026-35716_CVE-2026-35716 A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 7.3	CVE-2026-30649	CVE-2026-30649_CVE-2026-30649 Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component	n/a	n/a n/a	Jun 2, 2026	CVE
LOW 3.1	CVE-2026-8404	Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404 An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match ...	djangoproject	Django 6.0	Jun 3, 2026	CVE
LOW 3.1	CVE-2026-7666	Potential unencrypted email transmission via STARTTLS in the SMTP backend_CVE-2026-7666 An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent ...	djangoproject	Django 6.0	Jun 3, 2026	CVE
LOW 3.1	CVE-2026-6873	Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie_CVE-2026-6873 An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injectiv...	djangoproject	Django 6.0	Jun 3, 2026	CVE
HIGH 8	CVE-2026-5241	Policy Bypass in LightGlue Nested Config Resolution in huggingface/transformers_CVE-2026-5241 A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to exe...	huggingface	huggingface/transformers unspecified	Jun 3, 2026	CVE
LOW 3.1	CVE-2026-48587	Potential exposure of private data via whitespace padding in Vary header_CVE-2026-48587 An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading o...	djangoproject	Django 6.0	Jun 3, 2026	CVE
MEDIUM 6.9	CVE-2026-47325	Weak password policy in ProjectsAndPrograms school-management-system_CVE-2026-47325 ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s da...	ProjectsAndPrograms	school-management-system 6b6fae5	Jun 3, 2026	CVE
MEDIUM 5.1	CVE-2026-47324	Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system_CVE-2026-47324 ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS) in multiple attributes of students and teachers obj...	ProjectsAndPrograms	school-management-system 6b6fae5	Jun 3, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291

Recent Advisories

CVE-2026-35716_CVE-2026-35716

CVE-2026-30649_CVE-2026-30649

Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404

Potential unencrypted email transmission via STARTTLS in the SMTP backend_CVE-2026-7666

Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie_CVE-2026-6873

Policy Bypass in LightGlue Nested Config Resolution in huggingface/transformers_CVE-2026-5241

Potential exposure of private data via whitespace padding in Vary header_CVE-2026-48587

Weak password policy in ProjectsAndPrograms school-management-system_CVE-2026-47325

Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system_CVE-2026-47324

Protect Your Attack Surface with RedGem

Security Intelligence
Feed