Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

289 New today
64,930 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
292
Jun 23
Jun 24
Critical
High
Medium
Low
Latest
CVE CVSS 3.7

Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination_CVE-2026-55654

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, ...

CVE-2026-55654 Red Hat Red Hat Enterprise Linux 10
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.3 CVE-2026-55653

Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service_CVE-2026-55653

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client pa...

Red Hat Red Hat Enterprise Linux 10 CVE
NONE 8BAB742C-5C9E-

sharepoint-sqli-research_8BAB742C-5C9E-5401-B964-9E8F5ACD280A

SharePoint SQL Injection Research Analysis of SQL injection vulnerabilities affecting Microsoft SharePoint Server on-premises deployments — coverin...

N/A N/A GITHUBEXPLOIT
HIGH 7.8 DF5C4368-B596-

Exploit for Untrusted Pointer Dereference in Microsoft_DF5C4368-B596-5A56-B3D2-A29063405520

Note The NTOKernelBase in exp.cpp needs to be set by yourself...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 MS:CVE-2026-12447

Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC_MS:CVE-2026-12447

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
LOW 3.1 MS:CVE-2026-12458

Chromium: CVE-2026-12458 Incorrect security UI in Passwords_MS:CVE-2026-12458

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 7.1 CVE-2026-10658

Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS_CVE-2026-10658

A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In bt_iso_recv() (subsys/blue...

zephyrproject-rtos Zephyr * CVE
HIGH 7.1 CVE-2026-10651

Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read_CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sd...

zephyrproject-rtos Zephyr * CVE
MEDIUM 4.9 CVE-2026-10645

fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal_CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversa...

zephyrproject-rtos Zephyr * CVE
HIGH 8.2 CVE-2026-11833

CVE-2026-11833_CVE-2026-11833

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting inform...

Yokogawa Electric Corporation FAST/TOOLS R9.01 CVE