Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

147 New today

59,283 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

150

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

CVE CVSS 6.9

FOSSBilling version exposed via asset cache buster_CVE-2026-40495

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the `hide_version_public` security setting. The FOSSBilling version is embedded in the...

CVE-2026-40495 FOSSBilling FOSSBilling < 0.8.0

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2	CVE-2026-10766	mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash_CVE-2026-10766 A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/...	n/a	mlrun 1.12.0-rc1	Jun 3, 2026	CVE
CRITICAL 9.8	3BCADBAC-E6C7-	Exploit for Prototype Pollution in Cure53 Dompurify_3BCADBAC-E6C7-5B3A-84E1-6938398220F9 DOMPurify re-clone bypass. Instead of relying on easily stripped source comments or version variables, this tool performs logic fingerprinting on m...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	MSF:EXPLOIT-MULTI-	Gogs Git Rebase Argument Injection RCE_MSF:EXPLOIT-MULTI-HTTP-GOGS_REBASE_RCE- This module exploits an argument injection vulnerability in the pull request merge flow of Gogs is parsed by Git as the --exec flag rather than a p...	N/A	N/A	Jun 3, 2026	METASPLOIT
CRITICAL 9.2	8AD1A192-E34A-	Exploit for CVE-2026-42945_8AD1A192-E34A-5E8C-A3B9-4AAECCED2A20 No description provided...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
MEDIUM 6.5	243CDB42-BE28-	Exploit for CVE-2026-2256_243CDB42-BE28-5810-BB45-078630950EB9 CVE-2026-2256-Threat-Model----ms-agent-Command-Injection...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	MALWAREBYTES:25...	We found this fake-invoice campaign while scammers were still building it_MALWAREBYTES:25837C9966B4BAC9D5751BE5031B9FC8 A new batch of fake payment invoices is being staged right now, and we caught the campaign while it was still being put together. The emails impers...	N/A	N/A	Jun 3, 2026	MALWAREBYTES
NONE	WIRED:1EAF5DF8A...	xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity_WIRED:1EAF5DF8A74C5E2543ACF401BFDFAF11 Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or...	N/A	N/A	Jun 3, 2026	WIRED
MEDIUM 5.3	CVE-2026-42507	Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507 When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject ...	Go standard library	net/textproto	Jun 2, 2026	CVE
NONE	THN:39C53E79409...	WhatsApp, Slack Notifications Could Hijack Google Gemini on Android_THN:39C53E7940941BA527D7D41B5E56D8C8 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCJpW9I-QTgQOkP7AV3rwUtEOEs96ek2ySR06Go-xq5AThZV84qY3mDN1Dkh0oQ-94jZHc7zB21ax9ljU0dW...	N/A	N/A	Jun 3, 2026	THN

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

FOSSBilling version exposed via asset cache buster_CVE-2026-40495

Recent Advisories

mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash_CVE-2026-10766

Exploit for Prototype Pollution in Cure53 Dompurify_3BCADBAC-E6C7-5B3A-84E1-6938398220F9

Gogs Git Rebase Argument Injection RCE_MSF:EXPLOIT-MULTI-HTTP-GOGS_REBASE_RCE-

Exploit for CVE-2026-42945_8AD1A192-E34A-5E8C-A3B9-4AAECCED2A20

Exploit for CVE-2026-2256_243CDB42-BE28-5810-BB45-078630950EB9

We found this fake-invoice campaign while scammers were still building it_MALWAREBYTES:25837C9966B4BAC9D5751BE5031B9FC8

xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity_WIRED:1EAF5DF8A74C5E2543ACF401BFDFAF11

Arbitrary inputs are included in errors without any escaping in net/textproto_CVE-2026-42507

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android_THN:39C53E7940941BA527D7D41B5E56D8C8

Protect Your Attack Surface with RedGem

Security Intelligence
Feed