Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

208 New today
59,492 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
208
Jun 4
Jun 5
Critical
High
Medium
Low
Latest
CVE CVSS 8.9

Tautulli Vulnerable to Unauthenticated/Authenticated Remote Code Execution via Newsletter Custom Template Directory_CVE-2026-41065

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On a fresh install before the setup wizard is completed, all management endpoin...

CVE-2026-41065 Tautulli Tautulli < 2.17.1
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-28318

SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability_CVE-2026-28318

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: de...

SolarWinds Serv-U 15.5.4 and previous versions CVE
MEDIUM 5.3 CVE-2026-10864

MISP Dashboard widget field selection may expose restricted user and organisation data_CVE-2026-10864

A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returne...

misp misp CVE
MEDIUM 6.4 CVE-2026-10863

MISP User-controlled order parameter in correlations over-correlation endpoint_CVE-2026-10863

A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named re...

misp misp CVE
HIGH 7.9 CVE-2026-10860

MISP CRUDComponent delete validation bypass via operator precedence error_CVE-2026-10860

A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due t...

misp misp CVE
LOW 2 CVE-2026-10812

zilliztech GPTCache Cache Key pre.py BufferedReader.peek weak hash_CVE-2026-10812

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/p...

zilliztech GPTCache 0.1.0 CVE
MEDIUM 5.3 CVE-2026-10811

itsourcecode Fees Management System receipt.php sql injection_CVE-2026-10811

A security vulnerability has been detected in itsourcecode Fees Management System 1.0. Affected by this vulnerability is an unknown functionality o...

itsourcecode Fees Management System 1.0 CVE
NONE TALOSBLOG:0CBDD...

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting_TALOSBLOG:0CBDDA6FE6AA56CFD91490686CFCB8FF

![Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f19...

N/A N/A TALOSBLOG
NONE HACKREAD:8A6DF3...

Lazarus Group Uses npm Brandjacking Campaign to Target Developers_HACKREAD:8A6DF38DFF0EFF16B4CCF1D5AB4EB07B

North Korean Lazarus Group targets npm developers with brandjacking packages that mimic trusted tools, drop malware and put credentials at risk.

N/A N/A HACKREAD
NONE TALOSBLOG:4FD6A...

Winning the cyber marathon with Tony Giandomenico_TALOSBLOG:4FD6AF08F810A780635892806951A9E9

![Winning the cyber marathon with Tony Giandomenico](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/h...

N/A N/A TALOSBLOG