Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

180 New today
64,699 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
61
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE 7CA75EAE-A0F0-

elevate-kit_7CA75EAE-A0F0-5208-961E-2A8AB16A5A95

elevate-kit Local privilege escalation enumeration scripts for Linux and Windows. Both tools assume you already have a foothold a shell / session o...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 CVE-2026-56397

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56397

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...

SiYuan SiYuan CVE
HIGH 8.7 CVE-2026-56396

phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()_CVE-2026-56396

phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated admini...

phpMyFAQ phpMyFAQ CVE
CRITICAL 9.4 CVE-2026-56395

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56395

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...

SiYuan SiYuan CVE
HIGH 7.1 CVE-2026-56394

Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394

Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not va...

craftcms cms 4.0.0-RC1 CVE
MEDIUM 4.6 CVE-2026-56393

Craft CMS – Multiple Stored Cross-Site Scripting in Settings Names and Field Options_CVE-2026-56393

Craft CMS 4.x (>= 4.0.0-RC1, < 4.17.0-beta.1) and 5.x (>= 5.0.0-RC1, < 5.9.0-beta.1) contain multiple stored cross-site scripting vulnerabilities w...

craftcms cms 5.0.0-RC1 CVE
MEDIUM 5.3 CVE-2026-56385

Craft CMS – Authorization Bypass in assets/preview-file Endpoint_CVE-2026-56385

Craft CMS versions >= 5.0.0-RC1, = 4.0.0-RC1,

craftcms cms 5.0.0-RC1 CVE
MEDIUM 5.3 CVE-2026-56384

Craft CMS – Missing Authorization in assets/preview-thumb Endpoint_CVE-2026-56384

Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a ta...

craftcms cms 4.0.0-RC1 CVE
MEDIUM 4.6 CVE-2026-56383

Craft CMS – Stored XSS in Table Field via Row Heading Column Type_CVE-2026-56383

Craft CMS contains a stored cross-site scripting (XSS) vulnerability in the editableTable.twig component when using the 'Row Heading' column type. ...

craftcms cms 4.5.0-beta.1 CVE