Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

147 New today
59,318 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
34
Jun 4
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-49192

Summary Service Insecure Direct Object Reference_CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device...

Acer Connect M6E 5G Portable WiFi Router * CVE
CRITICAL 9.3 CVE-2026-49191

Exposed Hard-coded M3WebServer Backend API Key_CVE-2026-49191

The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages.

Acer Connect M6E 5G Portable WiFi Router * CVE
CRITICAL 9.4 CVE-2026-49190

Missing Per-Instruction Authorization Checks_CVE-2026-49190

The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application instal...

Acer Connect M6E 5G Portable WiFi Router * CVE
NONE THN:1914490991B...

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets_THN:1914490991B466716EED3AB4A2342670

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTf5wAHnoXtVauiln2MwlVvLc4LxcL8SBTLuW648LfFhUd8QyuOUfjmg0Hd91QlksmWF2u-PQhxHDTDmseMI...

N/A N/A THN
CRITICAL 9.8 021063E9-0EFC-

Exploit for SQL Injection in Wpdeveloper Notificationx_021063E9-0EFC-5BB3-A717-3C9223961E61

CVE-2024-1698 – NotificationX WordPress Plugin SQL Injection Time‑Based Blind Unauthenticated Time‑Based Blind SQL Injection → Extract admin userna...

N/A N/A GITHUBEXPLOIT
NONE 74A7BA4E-D496-

Exploit for CVE-2026-49975_74A7BA4E-D496-587B-A72A-FA0BE663F994

CVE-2026-49975 — HTTP/2 Bomb PoC Proof-of-concept exploit for CVE-2026-49975, a remote denial-of-service vulnerability in HTTP/2 server implementat...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.8 CVE-2026-46447

CVE-2026-46447_CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.

OpenStack Ironic 17.0.0 CVE
HIGH 8.6 CVE-2026-49186

Lack of MQTT Broker Topic Access Control Lists_CVE-2026-49186

The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or...

Acer Connect M6E 5G Portable WiFi Router * CVE
CRITICAL 10 CVE-2026-49185

Instruction Injection via FieldX MDM_CVE-2026-49185

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.

Acer Connect M6E 5G Portable WiFi Router * CVE