Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

88 New today
62,190 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
354
Jun 4
517
Jun 5
109
Jun 6
32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
49
Jun 13
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.3 CVE-2026-44169

MariaDB: Authorization bypass in role-based routine-level privilege check exposes stored routine definitions_CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user g...

MariaDB server >= 11.4.1, < 11.4.11 CVE
HIGH 8 CVE-2026-44168

MariaDB: wsrep SST unsafe parameter handling on the donor side_CVE-2026-44168

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before ...

MariaDB server >= 10.6.1, < 10.6.26 CVE
MEDIUM 6.9 CVE-2026-53726

Parse Server: Relation `$relatedTo` query bypasses `protectedFields` and owning-object ACL_CVE-2026-53726

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.80 and 9.9.1-alpha.6,...

parse-community parse-server < 8.6.80 CVE
MEDIUM 5.9 CVE-2026-53725

Parse Server: Endpoints `/login` and `/verifyPassword` disclose MFA secrets and protected fields when `_User` get is denied_CVE-2026-53725

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.8.0 to before version 9.9.1-...

parse-community parse-server >= 9.8.0, < 9.9.1-alpha.5 CVE
LOW 2.1 CVE-2026-53724

Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist_CVE-2026-53724

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4,...

parse-community parse-server < 8.6.79 CVE
HIGH 8.1 CVE-2026-53408

CVE-2026-53408_CVE-2026-53408

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an un...

Zoom Communications Zoom Workplace CVE
HIGH 8.1 CVE-2026-53407

CVE-2026-53407_CVE-2026-53407

Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an un...

Zoom Communications Zoom Workplace CVE
MEDIUM 6.9 CVE-2026-50244

Naxclow IoT Platform Missing Authorization_CVE-2026-50244

The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied accoun...

Naxclow Smart Doorbell X3 All CVE
HIGH 8.7 CVE-2026-50108

Naxclow IoT Platform Missing Authorization_CVE-2026-50108

The Naxclow platform API that returns device relay registration details exposes a persistent credential without verifying that the requester is the...

Naxclow Smart Doorbell X3 All CVE