Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

86 New today
64,296 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
79
Jun 21
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.4 CVE-2026-56395

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56395

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...

SiYuan SiYuan CVE
HIGH 7.1 CVE-2026-56394

Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not va...

craftcms cms 4.0.0-RC1 CVE
MEDIUM 4.6 CVE-2026-56393

Craft CMS – Multiple Stored Cross-Site Scripting in Settings Names and Field Options_CVE-2026-56393

Craft CMS 4.x (>= 4.0.0-RC1, < 4.17.0-beta.1) and 5.x (>= 5.0.0-RC1, < 5.9.0-beta.1) contain multiple stored cross-site scripting vulnerabilities w...

craftcms cms 5.0.0-RC1 CVE
MEDIUM 5.3 CVE-2026-56385

Craft CMS – Authorization Bypass in assets/preview-file Endpoint_CVE-2026-56385

Craft CMS versions >= 5.0.0-RC1, = 4.0.0-RC1,

craftcms cms 5.0.0-RC1 CVE
MEDIUM 5.3 CVE-2026-56384

Craft CMS – Missing Authorization in assets/preview-thumb Endpoint_CVE-2026-56384

Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a ta...

craftcms cms 4.0.0-RC1 CVE
MEDIUM 4.6 CVE-2026-56383

Craft CMS – Stored XSS in Table Field via Row Heading Column Type_CVE-2026-56383

Craft CMS contains a stored cross-site scripting (XSS) vulnerability in the editableTable.twig component when using the 'Row Heading' column type. ...

craftcms cms 4.5.0-beta.1 CVE
HIGH 8.6 CVE-2026-56382

Craft CMS – Remote Code Execution via Missing Config Sanitization in FieldsController_CVE-2026-56382

Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and

craftcms cms 5.5.0 CVE
MEDIUM 4.6 CVE-2026-56381

Craft CMS – Stored XSS via User Group Name in User Permissions Page_CVE-2026-56381

Craft CMS from version 5.0.0-RC1 contains a stored cross-site scripting vulnerability in the User Permissions page where user group names are rende...

craftcms cms 5.0.0-RC1 CVE
MEDIUM 6.3 CVE-2026-56378

ImageMagick – Heap Out-of-Bounds Read in PCD Decoder_CVE-2026-56378

ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file c...

ImageMagick ImageMagick CVE