Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

65,733 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 7.5

CVE-2026-48933_CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**.

CVE-2026-48933 nodejs node 22.22.3

Jun 26, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.6	CVE-2026-48930	CVE-2026-48930_CVE-2026-48930 A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resol...	nodejs	node 22.22.3	Jun 26, 2026	CVE
MEDIUM 4.2	CVE-2026-48928	CVE-2026-48928_CVE-2026-48928 A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all suppor...	nodejs	node 22.22.3	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-48619	CVE-2026-48619_CVE-2026-48619 A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the cli...	nodejs	node 22.22.3	Jun 26, 2026	CVE
HIGH 7.7	CVE-2026-48618	CVE-2026-48618_CVE-2026-48618 A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due t...	nodejs	node 22.22.3	Jun 26, 2026	CVE
MEDIUM 5.9	CVE-2026-48615	CVE-2026-48615_CVE-2026-48615 A flaw in Node.js proxy tunnel error handling could expose proxy credentials in `ERR_PROXY_TUNNEL` error messages. When proxy credentials are em...	nodejs	node 22.22.3	Jun 26, 2026	CVE
MEDIUM 4.8	CVE-2026-8661	Server-Side Cross-Site Scripting and SSRF in Rapid7 InsightConnect Markdown to PDF Plugin_CVE-2026-8661 Server-Side Cross-Site Scripting and Server-Side Request Forgery vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plug...	Rapid7	InsightConnect Markdown Plugin	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-13226	Groundhogg <= 4.5.4 - Authenticated (Custom+) SQL Injection via 'after' Parameter_CVE-2026-13226 The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' parameter i...	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Jun 26, 2026	CVE
HIGH 8.8	921E88F8-3925-	Exploit for CVE-2026-43503_921E88F8-3925-519D-9067-4928D48E9B4D CVE-2026-43503 — DirtyClone Linux local privilege escalation. A cloned skbuff loses the SKBFLSHAREDFRAG flag, so ESP in-place decryption writes int...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	1BF0634C-CE51-	Binary-Exploitation-and-Reverse-Engineering_1BF0634C-CE51-5BC4-9278-E457B1143B09 Binary Exploitation & Reverse Engineering Lab Hands-on memory-corruption exploitation and reverse engineering. Three escalating exploitation challe...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-48933_CVE-2026-48933

Recent Advisories

CVE-2026-48930_CVE-2026-48930

CVE-2026-48928_CVE-2026-48928

CVE-2026-48619_CVE-2026-48619

CVE-2026-48618_CVE-2026-48618

CVE-2026-48615_CVE-2026-48615

Server-Side Cross-Site Scripting and SSRF in Rapid7 InsightConnect Markdown to PDF Plugin_CVE-2026-8661

Groundhogg <= 4.5.4 - Authenticated (Custom+) SQL Injection via 'after' Parameter_CVE-2026-13226

Exploit for CVE-2026-43503_921E88F8-3925-519D-9067-4928D48E9B4D

Binary-Exploitation-and-Reverse-Engineering_1BF0634C-CE51-5BC4-9278-E457B1143B09

Protect Your Attack Surface with RedGem

Security Intelligence
Feed