Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

286 New today

64,930 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

292

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 6.4

Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install_CVE-2026-6673

Mattermost versions 11.7.x <= 11.7.0, 11.6.x <= 11.6.2, 11.5.x <= 11.5.5, 10.11.x <= 10.11.17 fail to authenticate Atlassian Connect installed callbacks, allowing a remote unauthenticated attacker to inject a rogue sharedSecret and disrupt the Jira integration via POST to /ac/...

CVE-2026-6673 Mattermost Mattermost 11.7.0

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7	CVE-2026-6653	libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling_CVE-2026-6653 Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-servic...	GNOME	libxml2 2.9.11	Jun 22, 2026	CVE
MEDIUM 4.4	7DF60A36-5B48-	Exploit for CVE-2026-2002_7DF60A36-5B48-59EB-A46D-66756D01D7E4 Sumary The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
MEDIUM 6.4	CVE-2026-6062	IDOR in Jira plugin subscription edit endpoint_CVE-2026-6062 Mattermost versions 11.7.x	Mattermost	Mattermost 11.7.0	Jun 22, 2026	CVE
MEDIUM 5.4	CVE-2026-5139	GitLab Plugin Allows Non-Admin Users to Modify Default Instance Configuration_CVE-2026-5139 Mattermost versions 11.7.x	Mattermost	Mattermost 11.7.0	Jun 22, 2026	CVE
MEDIUM 5.1	CVE-2026-56450	AIL Framework – Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes_CVE-2026-56450 AIL did not restrict repeated failed attempts to verify a two-factor authentication (OTP) code. An attacker who had reached the 2FA verification st...	ail project	ail framework	Jun 22, 2026	CVE
HIGH 8.3	CVE-2026-56448	Authenticated Path Traversal in AIL Framework Investigation Downloads Allows Arbitrary File Read_CVE-2026-56448 A path traversal vulnerability exists in AIL Framework before the release containing commit 0041456af25da0cdea1c1c4624e46baff2731d8f. An authentica...	ail project	ail framework	Jun 22, 2026	CVE
MEDIUM 4.3	MS:CVE-2026-12446	Chromium: CVE-2026-12446 Insufficient data validation in Passwords_MS:CVE-2026-12446 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
NONE	THN:7B782DD6342...	Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries_THN:7B782DD6342D0803A9E4F4BA84097D55 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisV9q8kKe0eopbInTHgwScUvzjKlnPTpk74j7M6F-6BH46hVr9wcadvztA2RYJdKDQDzpV89bN4wH0hEL9qT...	N/A	N/A	Jun 22, 2026	THN
CRITICAL 9.3	CVE-2026-56447	MISP remote code execution via arbitrary rdkafka configuration path_CVE-2026-56447 MISP allowed an authenticated site administrator to set the Kafka_rdkafka_config setting to an arbitrary filesystem path. MISP subsequently parsed ...	misp	misp	Jun 22, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install_CVE-2026-6673

Recent Advisories

libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling_CVE-2026-6653

Exploit for CVE-2026-2002_7DF60A36-5B48-59EB-A46D-66756D01D7E4

IDOR in Jira plugin subscription edit endpoint_CVE-2026-6062

GitLab Plugin Allows Non-Admin Users to Modify Default Instance Configuration_CVE-2026-5139

AIL Framework – Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes_CVE-2026-56450

Authenticated Path Traversal in AIL Framework Investigation Downloads Allows Arbitrary File Read_CVE-2026-56448

Chromium: CVE-2026-12446 Insufficient data validation in Passwords_MS:CVE-2026-12446

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries_THN:7B782DD6342D0803A9E4F4BA84097D55

MISP remote code execution via arbitrary rdkafka configuration path_CVE-2026-56447

Protect Your Attack Surface with RedGem

Security Intelligence
Feed