Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

233 New today
64,547 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
226
Jun 22
Critical
High
Medium
Low
Latest
CVE CVSS 7.7

GPU DDK – kernel<->fw CCB contains SYNC_PRIMITIVE_BLOCK firmware address without holding reference_CVE-2026-41156

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource (memory page) managed by a CPU thread of control (driver) and accessed by a GPU thread o...

CVE-2026-41156 Imagination Technologies Graphics DDK 1.18 RTM
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.7 CVE-2026-34192

GPU DDK – _MMU_AllocLevel error recovery paths leave dangling page table entries_CVE-2026-34192

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables....

Imagination Technologies Graphics DDK 1.18 RTM CVE
MEDIUM 5.1 CVE-2026-55443

LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders_CVE-2026-55443

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem pat...

langchain-ai langchain < 1.3.9 CVE
MEDIUM 5.3 CVE-2026-54300

@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config_CVE-2026-54300

@astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify conver...

withastro astro < 7.0.13 CVE
HIGH 7.5 CVE-2026-54299

Astro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)_CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages (/404 or /500 using export const prerender = true) fetch thos...

withastro astro < 6.4.6 CVE
MEDIUM 4.2 CVE-2026-54298

Astro: XSS via Unescaped Attribute Names in Spread Props_CVE-2026-54298

Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and pas...

withastro astro < 6.4.6 CVE
HIGH 7.5 CVE-2026-54293

NLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read_CVE-2026-54293

NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural L...

nltk nltk < 3.10.0-rc1 CVE
MEDIUM 6.5 CVE-2026-54288

Hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`_CVE-2026-54288

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, the Body Limit Middleware trusts the reques...

honojs hono < 4.12.25 CVE
HIGH 8.7 CVE-2026-53779

WebP Server Go < 0.15.0 Path Traversal via Backslash Encoding on Windows_CVE-2026-53779

WebP Server Go through 0.14.4 contains a path traversal vulnerability on Windows that allows unauthenticated attackers to read files outside the co...

webp-sh webp_server_go CVE
LOW 3.1 CVE-2026-53663

React Router: `handleDocumentRequest` CSRF check covers `POST` only; PUT/PATCH/DELETE bypass_CVE-2026-53663

React Router is a router for React. From 7.12.0 until 7.15.1, certain CSRF checks in React Router v7 Framework Mode were insufficient and run on PO...

remix-run react-router >= 7.12.0, < 7.15.1 CVE