Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

327 New today

65,672 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

PACKETSTORM CVSS 10

📄 Dalfox Found-Action Deserialization Remote Code Execution_PACKETSTORM:224334

When dalfox versions less than or equal to 2.12.0 is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options - including...

PACKETSTORM:224334

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MSSECURE:9CD4AE...	Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:9CD4AE8F9F47AF1696C23F8E30078560 The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...	N/A	N/A	Jun 25, 2026	MSSECURE
NONE	SCHNEIER:241805...	AI and Liability_SCHNEIER:24180570FA25CD366F3C4BC1B6F703A6 Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like "users can check for themselves...	N/A	N/A	Jun 25, 2026	SCHNEIER
NONE	HACKREAD:C879C0...	Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams_HACKREAD:C879C04F7479896AF809D522E0B323F4 GTA 6 scams are luring fans with fake early access, crypto payments and malware downloads. Learn why PC and Android gamers face the biggest risks o...	N/A	N/A	Jun 25, 2026	HACKREAD
HIGH 7.5	CVE-2025-61027	CVE-2025-61027_CVE-2025-61027 An issue in the t_set_push component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL st...	n/a	n/a n/a	Jun 23, 2026	CVE
HIGH 7.5	CVE-2025-61023	CVE-2025-61023_CVE-2025-61023 An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL st...	n/a	n/a n/a	Jun 23, 2026	CVE
MEDIUM 6.1	CVE-2026-48942	Joomla Extension – getk2.com – Stored-XSS in K2 extension for Joomla < 2.26_CVE-2026-48942 K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.	getk2.com	K2 extension for Joomla 1.0-2.26	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-9800	Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison_CVE-2026-9800 A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role...	Red Hat	Red Hat Build of Keycloak	Jun 25, 2026	CVE
MEDIUM 4.6	CVE-2026-9799	Keycloak: keycloak: unauthorized access to resources via uma permission ticket bypass_CVE-2026-9799 A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access (UMA) permission ticket for one resource c...	Red Hat	Red Hat Build of Keycloak	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-9705	Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token_CVE-2026-9705 A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), coul...	Red Hat	Red Hat Build of Keycloak	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

📄 Dalfox Found-Action Deserialization Remote Code Execution_PACKETSTORM:224334

Recent Advisories

Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:9CD4AE8F9F47AF1696C23F8E30078560

AI and Liability_SCHNEIER:24180570FA25CD366F3C4BC1B6F703A6

Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams_HACKREAD:C879C04F7479896AF809D522E0B323F4

CVE-2025-61027_CVE-2025-61027

CVE-2025-61023_CVE-2025-61023

Joomla Extension – getk2.com – Stored-XSS in K2 extension for Joomla < 2.26_CVE-2026-48942

Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison_CVE-2026-9800

Keycloak: keycloak: unauthorized access to resources via uma permission ticket bypass_CVE-2026-9799

Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token_CVE-2026-9705

Protect Your Attack Surface with RedGem

Security Intelligence
Feed