Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

141 New today
59,310 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
26
Jun 4
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 CVE-2026-49185

Instruction Injection via FieldX MDM_CVE-2026-49185

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.

Acer Connect M6E 5G Portable WiFi Router * CVE
MEDIUM 5.9 CVE-2026-48681

CVE-2026-48681_CVE-2026-48681

OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.

OpenStack Ironic 17.0.0 CVE
MEDIUM 4.9 CVE-2026-44917

CVE-2026-44917_CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_temp...

OpenStack Ironic 17.0.0 CVE
CRITICAL 9.9 CVE-2026-41283

CVE-2026-41283_CVE-2026-41283

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, whi...

OpenStack Mistral 20.0.0 CVE
HIGH 8.7 CVE-2026-41010

CVE-2026-41010_CVE-2026-41010

ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', "#{name}.tgz") where name re...

Cloud Foundry Foundation BOSH Director CVE
CRITICAL 9.2 A68A628E-AB61-

Exploit for CVE-2026-42945_A68A628E-AB61-551B-9ECD-769EA5A45A85

nginx-rift-scanner Dependency-free Python 3 scanner for CVE-2026-42945 "NGINX Rift" — a CVSS v4.0 9.2 CRITICAL heap-based buffer overflow CWE-122 i...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.5 CVE-2026-8653

MasterStudy LMS Pro Plus <= 4.8.20 - Authenticated (Instructor+) SQL Injection via 'columns' Parameter_CVE-2026-8653

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and inc...

StylemixThemes MasterStudy LMS Pro CVE
HIGH 7.5 CVE-2026-10737

SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function_CVE-2026-10737

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the view_file func...

smartypants SP Project & Document Manager CVE
HIGH 7.1 CVE-2026-41860

CVE-2026-41860_CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_end...

Cloud Foundry Foundation BOSH CVE