Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

65,735 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

hono – HTML Injection via Improper JSX Attribute Name Handling in SSR_CVE-2026-56761

hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using malformed attribute names. Attackers can craft specially crafted attribute keys containing characters like quotes or angle bracket...

CVE-2026-56761 hono hono

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.8	CVE-2026-56370	ImageMagick – Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact_CVE-2026-56370 ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artif...	ImageMagick	ImageMagick	Jun 24, 2026	CVE
MEDIUM 6.3	CVE-2026-56368	ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368 ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not prope...	ImageMagick	ImageMagick	Jun 24, 2026	CVE
MEDIUM 5.1	CVE-2026-56358	n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358 n8n before 1.123.25 (1.x) and before 2.11.2 (2.x), with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in th...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56351	n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351 n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to in...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56338	Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338 Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authe...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56337	Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337 Capgo before 12.128.2 contains an information disclosure vulnerability in the public.exist_app_v2 RPC function that allows unauthenticated attacker...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56310	Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310 Cap-go before 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to...	Cap-go	capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56302	Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302 Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, inse...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 5.6	CVE-2026-56272	Flowise – Insufficient Password Salt Rounds in Bcrypt Hashing_CVE-2026-56272 Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds...	Flowise	Flowise	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

hono – HTML Injection via Improper JSX Attribute Name Handling in SSR_CVE-2026-56761

Recent Advisories

ImageMagick – Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact_CVE-2026-56370

ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368

n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358

n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351

Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338

Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337

Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310

Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302

Flowise – Insufficient Password Salt Rounds in Bcrypt Hashing_CVE-2026-56272

Protect Your Attack Surface with RedGem

Security Intelligence
Feed