Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

284 New today

64,932 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 6.2

Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The ot...

CVE-2026-9073 Red Hat Red Hat Satellite 6

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-53931	NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53930	NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the base-migration endpoint accepted a caller-supplied URL that the ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53929	NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, with NC_SECURE_ATTACHMENTS=true, an authenticated uploader could del...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53928	NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53927	NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequestMake) accepted URLs whos...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53926	NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, revokeAllOAuthTokensByUser in the users service is an empty stub bei...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
LOW 2.3	CVE-2026-47388	NocoDB: Missing Ownership Check in MCP Attachment Read_CVE-2026-47388 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment pat...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
HIGH 8.4	CVE-2026-47387	NocoDB: Stored Cross-Site Scripting via Form View Redirect URL_CVE-2026-47387 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler (packages/nc-gui/composables/use...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-47386	NocoDB: OAuth Authorization Code Race Condition_CVE-2026-47386 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authoriz...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073

Recent Advisories

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931

NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930

NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929

NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927

NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926

NocoDB: Missing Ownership Check in MCP Attachment Read_CVE-2026-47388

NocoDB: Stored Cross-Site Scripting via Form View Redirect URL_CVE-2026-47387

NocoDB: OAuth Authorization Code Race Condition_CVE-2026-47386

Protect Your Attack Surface with RedGem

Security Intelligence
Feed