Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

208 New today
59,492 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
208
Jun 4
Jun 5
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.7 CVE-2026-42329

Iris has an Open Redirect issue_CVE-2026-42329

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain...

dfir-iris iris-web < 2.4.28 CVE
HIGH 8.6 CVE-2026-10870

Shibby Tomato Web UI rc start_dhcpc os command injection_CVE-2026-10870

A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the file /sbin/rc of the component Web UI. This manipula...

Shibby Tomato 1.28.0000 CVE
HIGH 8.2 CVE-2025-69755

CVE-2025-69755_CVE-2025-69755

An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via ...

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-67448

CVE-2025-67448_CVE-2025-67448

The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user inp...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-67447

CVE-2025-67447_CVE-2025-67447

The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does...

Neterbit Neterbit NW-431F Router 20241014-IR03 and before CVE
MEDIUM 6.6 CVE-2026-48480

netty-incubator-codec-ohttp OHttpVersionChunkDraft’s Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation_CVE-2026-48480

The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-...

netty netty-incubator-codec-ohttp < 0.0.22.Final CVE
HIGH 8.6 CVE-2026-41237

Froxlor has an incomplete fix for CVE-2026-30932_CVE-2026-41237

Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses `\s+` which matches newlines (allowi...

froxlor froxlor < 2.3.7 CVE
HIGH 8.8 CVE-2026-41236

Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path_CVE-2026-41236

Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization pa...

froxlor froxlor = 2.3.6 CVE
HIGH 8.6 CVE-2026-41235

Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement_CVE-2026-41235

Froxlor is open source server administration software. Version 2.3.6 lets administrators configure `system.available_shells` as the approved shell ...

froxlor froxlor = 2.3.6 CVE