Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

85 New today
64,295 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
78
Jun 21
Critical
High
Medium
Low
Latest
CVE CVSS 9

pgAdmin 4: Unauthenticated pickle deserialization in SQL Editor close / update_connection routes enables remote code execution_CVE-2026-12046

Two state-mutating endpoints in pgAdmin 4's SQL Editor blueprint -- DELETE /sqleditor/close/<trans_id> and POST /sqleditor/initialize/sqleditor/update_connection/<sgid>/<sid>/<did> -- were the only routes in the module missing the @pga_login_required decorator. Both reach a pi...

CVE-2026-12046 pgadmin.org pgAdmin 4 6.9
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9 CVE-2026-12045

pgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code execution_CVE-2026-12045

Read-only transaction bypass in the pgAdmin 4 AI Assistant allows an attacker who can influence database content that the assistant reads to execut...

pgadmin.org pgAdmin 4 9.13 CVE
HIGH 8.8 CVE-2026-12044

pgAdmin 4: SQL injection in COMMENT ON … IS ‘‘ rendering across dialog templates_CVE-2026-12044

SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja temp...

pgadmin.org pgAdmin 4 1.0 CVE
HIGH 8.7 CVE-2026-8806

Denial-of-service (DoS) vulnerability in MELSEC iQ-F Series FX5-ENET/IP Ethernet module_CVE-2026-8806

Expected Behavior Violation vulnerability in Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a r...

Mitsubishi Electric Corporation Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP All versions CVE
HIGH 8.7 CVE-2026-8805

Denial-of-service (DoS) vulnerability in MELSEC iQ-F Series EtherNet/IP module_CVE-2026-8805

Integer Overflow or Wraparound vulnerability in the EtherNet/IP function of Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-E...

Mitsubishi Electric Corporation Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior CVE
MEDIUM 4.3 CVE-2026-11775

User Admin Simplifier <= 3.0.0 - Cross-Site Request Forgery_CVE-2026-11775

The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due...

adamsilverstein User Admin Simplifier CVE
MEDIUM 6.9 CVE-2026-56132

CVE-2026-56132_CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled...

libexpat project libexpat CVE
MEDIUM 4.9 CVE-2026-56131

CVE-2026-56131_CVE-2026-56131

libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a ...

libexpat project libexpat CVE
MEDIUM 4.3 CVE-2026-10779

Classified Listing <= 5.4.2 - Missing Authorization to Authenticated (Subscriber+) Feature Modification via Multiple AJAX Handlers ('listingId'/'id' Parameters)_CVE-2026-10779

The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and...

techlabpro1 Classified Listing – AI-Powered Classified ads & Business Directory CVE
MEDIUM 4.3 CVE-2026-9013

Bogo <= 3.9.1 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via REST API_CVE-2026-9013

The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogo_rest_create_...

rocklobsterinc Bogo CVE