Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

158 New today
64,661 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
23
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-54530

pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction_CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.0 CVE
CRITICAL 9.5 CVE-2026-49468

LiteLLM: Authentication Bypass via Host Header Injection_CVE-2026-49468

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

BerriAI litellm < 1.84.0 CVE
MEDIUM 6.9 CVE-2026-49461

pypdf: Possible large memory usage for form XObjects during text extraction_CVE-2026-49461

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to la...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.1 CVE-2026-49460

pypdf: Inefficient decoding of FlateDecode PNG predictor streams_CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to lo...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.8 CVE-2026-47242

Net::IMAP: Command Injection via ID command argument_CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAP#id is called w...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
LOW 2.1 CVE-2026-47241

Net::IMAP: Denial of Service via incomplete raw argument validation_CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
MEDIUM 5.8 CVE-2026-47240

Net::IMAP: Command Injection via non-synchronizing literal in “raw” argument_CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
CRITICAL 9.2 CVE-2026-45034

PhpSpreadsheet: File::prohibitWrappers bypass_CVE-2026-45034

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.5, CVE-2026-34084 was patched by the helper File::pro...

PHPOffice PhpSpreadsheet < 1.30.5 CVE
CRITICAL 9.3 CVE-2026-44727

Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP_CVE-2026-44727

Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored noteb...

jupyter-server jupyter_server < 2.20 CVE