Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

321 New today

65,906 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

243

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 7.5

Lack of limit on tile sizes in x/image/tiff in golang.org/x/image_CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.

CVE-2026-46602 golang.org/x/image golang.org/x/image/tiff

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-46601	Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image_CVE-2026-46601 The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size.	golang.org/x/image	golang.org/x/image/webp	Jun 25, 2026	CVE
HIGH 7.7	CVE-2026-37149	CVE-2026-37149_CVE-2026-37149 GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter ...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-37454	CVE-2026-37454_CVE-2026-37454 Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DE...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-37453	CVE-2026-37453_CVE-2026-37453 Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-38637	CVE-2026-38637_CVE-2026-38637 An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via a crafted ...	n/a	n/a n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-37452	CVE-2026-37452_CVE-2026-37452 Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI...	n/a	n/a n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-8380	Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion_CVE-2026-8380 The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion,...	Unknown	Frontend File Manager Plugin	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-10835	SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection_CVE-2026-10835 The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before ...	Unknown	SALESmanago & Leadoo	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-49486	Apache Airflow FTP provider: FTP Provider does not protect FTPS data channel (missing PROT_P)_CVE-2026-49486 The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control...	Apache Software Foundation	Apache Airflow FTP provider	Jun 26, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Lack of limit on tile sizes in x/image/tiff in golang.org/x/image_CVE-2026-46602

Recent Advisories

Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image_CVE-2026-46601

CVE-2026-37149_CVE-2026-37149

CVE-2026-37454_CVE-2026-37454

CVE-2026-37453_CVE-2026-37453

CVE-2026-38637_CVE-2026-38637

CVE-2026-37452_CVE-2026-37452

Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion_CVE-2026-8380

SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection_CVE-2026-10835

Apache Airflow FTP provider: FTP Provider does not protect FTPS data channel (missing PROT_P)_CVE-2026-49486

Protect Your Attack Surface with RedGem

Security Intelligence
Feed