Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

131 New today

59,336 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

CVE CVSS 6.3

Potential DoS via quadratic complexity in unicodedata.normalize()_CVE-2026-3276

unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.

CVE-2026-3276 Python Software Foundation CPython

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	THN:EBEF4474475...	Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT_THN:EBEF4474475574D09B83167D16690C6D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpQ6QXxFH4zkfeHGdcm1WXVcNXMpyJm-1dlZLbFCdp6rKDRhuwICzYaKaR-rCpn61qod6A1F98PZejZbmYux...	N/A	N/A	Jun 3, 2026	THN
NONE	QUALYSBLOG:CB6A...	Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD * * * #### Executive Summary _Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery net...	N/A	N/A	Jun 3, 2026	QUALYSBLOG
NONE	8D02FC42-E11E-	ParamStriker_8D02FC42-E11E-5436-870C-E4CD77B99D8D ParamStriker Offline JSON & Query Parameter Exploit Framework by Mohnad Alshobaili · X: @Mohnad ParamStriker is a offensive, offline payload-genera...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	D2A2BDA2-A827-	Exploit for CVE-2026-35904_D2A2BDA2-A827-5C81-ACD9-A68148EC42CC T3 Technology CPE — Security Advisories Multiple critical vulnerabilities discovered in T3 Technology CPE ONU/Router devices deployed by TrueOnline...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
HIGH 7.7	THN:080A0E674D1...	Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag_THN:080A0E674D16A0E41BA6F5E8E1F2D4E0 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_pEYWDRVadGL0WYM3iSY6jqFgBez8snXgoyeyAzcXNmxiytv-FgiKoBJX3aPivuYhSJjXp4o_zO1dQSIPUf...	N/A	N/A	Jun 3, 2026	THN
NONE	FEF41599-6B58-	1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291 1-Click GitHub Token Stealing via VSCode Proof-of-Concept exploit for a critical VS Code zero-day vulnerability that allows attackers to steal GitH...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.3	CVE-2026-35716	CVE-2026-35716_CVE-2026-35716 A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...	n/a	n/a n/a	Jun 2, 2026	CVE
HIGH 7.3	CVE-2026-30649	CVE-2026-30649_CVE-2026-30649 Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component	n/a	n/a n/a	Jun 2, 2026	CVE
LOW 3.1	CVE-2026-8404	Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404 An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match ...	djangoproject	Django 6.0	Jun 3, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Potential DoS via quadratic complexity in unicodedata.normalize()_CVE-2026-3276

Recent Advisories

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT_THN:EBEF4474475574D09B83167D16690C6D

Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD

ParamStriker_8D02FC42-E11E-5436-870C-E4CD77B99D8D

Exploit for CVE-2026-35904_D2A2BDA2-A827-5C81-ACD9-A68148EC42CC

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag_THN:080A0E674D16A0E41BA6F5E8E1F2D4E0

1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291

CVE-2026-35716_CVE-2026-35716

CVE-2026-30649_CVE-2026-30649

Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404

Protect Your Attack Surface with RedGem

Security Intelligence
Feed