Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

192 New today

66,835 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

131

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 2.3

Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute_CVE-2026-53427

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding (render: [full_info_...

CVE-2026-53427 leandrocp mdex 0.11.3

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.2	CVE-2026-13757	P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing_CVE-2026-13757 A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_va...	Red Hat	Red Hat Enterprise Linux 10	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-54889	Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)_CVE-2026-54889 Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL s...	leandrocp	mdex 0.8.3	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-54888	Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex_CVE-2026-54888 Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir ...	leandrocp	mdex 0.3.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-53429	Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service_CVE-2026-53429 Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex_native allows an attacker who controls a rendered docum...	leandrocp	mdex 0.11.0	Jun 29, 2026	CVE
HIGH 8.2	CVE-2026-53426	Atom-table exhaustion denial-of-service via JSON parse_document in MDEx_CVE-2026-53426 Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parse_document/2 accepts a ...	leandrocp	mdex 0.4.3	Jun 29, 2026	CVE
HIGH 7.8	CVE-2026-57919	CVE-2026-57919_CVE-2026-57919 PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ...	n/a	n/a n/a	Jun 29, 2026	CVE
CRITICAL 9.6	CVE-2026-57498	Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams’ Servers_CVE-2026-57498 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controll...	coollabsio	coolify < 4.0.0-beta.474	Jun 29, 2026	CVE
CRITICAL 9.8	CVE-2026-13763	HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF_CVE-2026-13763 Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF ma...	AWS	AWS Application Load Balancer	Jun 29, 2026	CVE
CRITICAL 9.8	CVE-2026-13762	HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF_CVE-2026-13762 Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule b...	AWS	Amazon CloudFront	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute_CVE-2026-53427

Recent Advisories

P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing_CVE-2026-13757

Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)_CVE-2026-54889

Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex_CVE-2026-54888

Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service_CVE-2026-53429

Atom-table exhaustion denial-of-service via JSON parse_document in MDEx_CVE-2026-53426

CVE-2026-57919_CVE-2026-57919

Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams’ Servers_CVE-2026-57498

HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF_CVE-2026-13763

HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF_CVE-2026-13762

Protect Your Attack Surface with RedGem

Security Intelligence
Feed