Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

54 New today

64,223 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

AVideo – Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php_CVE-2026-56341

AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transactio...

CVE-2026-56341 AVideo AVideo

Jun 20, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	CVE-2026-56340	vLLM – Denial of Service via Unvalidated Multimodal Embeddings_CVE-2026-56340 vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tens...	vLLM	vLLM 0.10.2	Jun 20, 2026	CVE
MEDIUM 5.3	CVE-2025-71379	vllm – Regular Expression Denial of Service in Multiple Components_CVE-2025-71379 vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/...	vllm	vllm 0.6.3	Jun 20, 2026	CVE
NONE	79718F65-1042-	flowise-mcp-env-case-bypass-poc_79718F65-1042-5245-B81E-B6A037118E89 Flowise 3.1.2 Custom MCP Environment Variable Case Bypass PoC This repository documents and validates an authenticated Windows ACE/RCE-class issue ...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
CRITICAL 9.8	B59AFB79-5EFF-	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat_B59AFB79-5EFF-5CBE-9EBA-41DE2D90DCE9 No description provided...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	A1BEE599-14D1-	web-security-home-lab_A1BEE599-14D1-54E0-B7DF-3543EE06C675 Cybersecurity Home Lab Overview This project documents my beginner cybersecurity home lab using VMware, Kali Linux, Metasploitable 2, and DVWA. The...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	F9B25569-99EF-	ctf-hackathon-kit_F9B25569-99EF-5467-BAC4-D7CB41A642A6 🚩 CTF / Hackathon Starter Pack A complete, offline-ready toolkit for cyber CTFs and hackathons Hack The Box / picoCTF / TryHackMe style. Everythin...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
MEDIUM 5.1	CVE-2026-56332	Capgo – Open Redirect via confirmation_url Parameter_CVE-2026-56332 Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary e...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 4.8	CVE-2026-56330	Capgo – Open Redirect via Unvalidated Stripe Billing URLs_CVE-2026-56330 Capgo before 12.128.2 contains an open redirect vulnerability in stripe_portal and stripe_checkout endpoints that accept unvalidated callbackUrl, s...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 5.3	CVE-2026-56319	Capgo – App Existence Oracle via GET /statistics/app/:app_id_CVE-2026-56319 Capgo before 12.128.2 contains an information disclosure vulnerability in the GET /statistics/app/:app_id endpoint that allows app-limited API keys...	Capgo	Capgo	Jun 20, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

AVideo – Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php_CVE-2026-56341

Recent Advisories

vLLM – Denial of Service via Unvalidated Multimodal Embeddings_CVE-2026-56340

vllm – Regular Expression Denial of Service in Multiple Components_CVE-2025-71379

flowise-mcp-env-case-bypass-poc_79718F65-1042-5245-B81E-B6A037118E89

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat_B59AFB79-5EFF-5CBE-9EBA-41DE2D90DCE9

web-security-home-lab_A1BEE599-14D1-54E0-B7DF-3543EE06C675

ctf-hackathon-kit_F9B25569-99EF-5467-BAC4-D7CB41A642A6

Capgo – Open Redirect via confirmation_url Parameter_CVE-2026-56332

Capgo – Open Redirect via Unvalidated Stripe Billing URLs_CVE-2026-56330

Capgo – App Existence Oracle via GET /statistics/app/:app_id_CVE-2026-56319

Protect Your Attack Surface with RedGem

Security Intelligence
Feed