Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

292 New today
64,923 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
285
Jun 23
Critical
High
Medium
Low
Latest
CVE CVSS 5.3

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway_CVE-2026-7253

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

CVE-2026-7253 IBM IBM Watson Speech Services Cartridge 4.0.0
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.1 CVE-2026-56104

Chainlit < 2.10.1 Session Hijacking via WebSocket Session Restoration_CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user s...

Chainlit chainlit CVE
HIGH 8.2 CVE-2026-54268

Angular: Denial of Service (DoS) via OOM in Date Formatting (formatDate)_CVE-2026-54268

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.6 CVE-2026-54267

Angular Client Hydration DOM Clobbering & Response-Cache Poisoning_CVE-2026-54267

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.8 CVE-2026-54266

Angular: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning_CVE-2026-54266

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
MEDIUM 5.3 CVE-2026-54265

Angular: Two-Way Property Binding Sanitization Bypass (XSS)_CVE-2026-54265

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
HIGH 8.3 CVE-2026-54264

Angular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker_CVE-2026-54264

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1...

angular angular >= 22.0.0-next.0 < 22.0.1 CVE
MEDIUM 6.9 CVE-2026-53655

node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)_CVE-2026-53655

node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides)...

isaacs node-tar < 7.5.16 CVE
MEDIUM 5.3 CVE-2026-53550

js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases_CVE-2026-53550

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key...

nodeca js-yaml < 4.2.0 CVE
MEDIUM 5.3 CVE-2026-52725

Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)_CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0 < 22.0.0-rc.2 CVE