Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

143 New today

59,294 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

CVE CVSS 7.3

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled_CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled. decode_hv() collapses duplicate object keys into an array reference under dupkeys_as_arrayref. The branch reached for a duplicate key tests `SvTY...

CVE-2026-9334 RURBAN Cpanel::JSON::XS

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2025-70101	CVE-2025-70101_CVE-2025-70101 An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of...	n/a	n/a n/a	Jun 3, 2026	CVE
MEDIUM 5.5	CVE-2025-70100	CVE-2025-70100_CVE-2025-70100 A divide-by-zero vulnerability in the ext4_block_set_lb_size function in src/ext4_blockdev.c of the lwext4 1.0.0 library allows attackers to cause ...	n/a	n/a n/a	Jun 3, 2026	CVE
MEDIUM 5	CVE-2025-60477	CVE-2025-60477_CVE-2025-60477 A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0...	n/a	n/a n/a	Jun 3, 2026	CVE
HIGH 7.3	CVE-2026-37462	CVE-2026-37462_CVE-2026-37462 An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) vi...	n/a	n/a n/a	Jun 3, 2026	CVE
CRITICAL 9	CVE-2026-36748	CVE-2026-36748_CVE-2026-36748 RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile.	Rock RMS	RockRMS v16.13, before v17.7.0	Jun 3, 2026	CVE
CRITICAL 9.8	CVE-2026-36576	CVE-2026-36576_CVE-2026-36576 An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas up to commit 9f50579 allows attackers to execute a...	openlabs	docker-wkhtmltopdf-aas up to commit 9f50579	Jun 3, 2026	CVE
HIGH 7.8	CVE-2026-40290	OP-TEE has a Use-After-Free race in FF-A shared-memory teardown_CVE-2026-40290 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZo...	OP-TEE	optee_os >= 3.16.0, < 4.11.0	Jun 3, 2026	CVE
MEDIUM 6.3	CVE-2026-39107	CVE-2026-39107_CVE-2026-39107 A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or en...	n/a	n/a n/a	Jun 3, 2026	CVE
MEDIUM 4.3	CVE-2026-36615	CVE-2026-36615_CVE-2026-36615 Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents t...	n/a	n/a n/a	Jun 3, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled_CVE-2026-9334

Recent Advisories

CVE-2025-70101_CVE-2025-70101

CVE-2025-70100_CVE-2025-70100

CVE-2025-60477_CVE-2025-60477

CVE-2026-37462_CVE-2026-37462

CVE-2026-36748_CVE-2026-36748

CVE-2026-36576_CVE-2026-36576

OP-TEE has a Use-After-Free race in FF-A shared-memory teardown_CVE-2026-40290

CVE-2026-39107_CVE-2026-39107

CVE-2026-36615_CVE-2026-36615

Protect Your Attack Surface with RedGem

Security Intelligence
Feed