Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

140 New today

59,291 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

CVE CVSS 5.8

CVE-2026-46447_CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.

CVE-2026-46447 OpenStack Ironic 17.0.0

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-49186	Lack of MQTT Broker Topic Access Control Lists_CVE-2026-49186 The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or...	Acer	Connect M6E 5G Portable WiFi Router *	Jun 4, 2026	CVE
CRITICAL 10	CVE-2026-49185	Instruction Injection via FieldX MDM_CVE-2026-49185 The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.	Acer	Connect M6E 5G Portable WiFi Router *	Jun 4, 2026	CVE
MEDIUM 5.9	CVE-2026-48681	CVE-2026-48681_CVE-2026-48681 OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.	OpenStack	Ironic 17.0.0	Jun 4, 2026	CVE
MEDIUM 4.9	CVE-2026-44917	CVE-2026-44917_CVE-2026-44917 OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_temp...	OpenStack	Ironic 17.0.0	Jun 4, 2026	CVE
CRITICAL 9.9	CVE-2026-41283	CVE-2026-41283_CVE-2026-41283 OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, whi...	OpenStack	Mistral 20.0.0	Jun 4, 2026	CVE
HIGH 8.7	CVE-2026-41010	CVE-2026-41010_CVE-2026-41010 ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', "#{name}.tgz") where name re...	Cloud Foundry Foundation	BOSH Director	Jun 4, 2026	CVE
CRITICAL 9.2	A68A628E-AB61-	Exploit for CVE-2026-42945_A68A628E-AB61-551B-9ECD-769EA5A45A85 nginx-rift-scanner Dependency-free Python 3 scanner for CVE-2026-42945 "NGINX Rift" — a CVSS v4.0 9.2 CRITICAL heap-based buffer overflow CWE-122 i...	N/A	N/A	Jun 4, 2026	GITHUBEXPLOIT
MEDIUM 6.5	CVE-2026-8653	MasterStudy LMS Pro Plus <= 4.8.20 - Authenticated (Instructor+) SQL Injection via 'columns' Parameter_CVE-2026-8653 The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and inc...	StylemixThemes	MasterStudy LMS Pro	Jun 4, 2026	CVE
HIGH 7.5	CVE-2026-10737	SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function_CVE-2026-10737 The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the view_file func...	smartypants	SP Project & Document Manager	Jun 4, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-46447_CVE-2026-46447

Recent Advisories

Lack of MQTT Broker Topic Access Control Lists_CVE-2026-49186

Instruction Injection via FieldX MDM_CVE-2026-49185

CVE-2026-48681_CVE-2026-48681

CVE-2026-44917_CVE-2026-44917

CVE-2026-41283_CVE-2026-41283

CVE-2026-41010_CVE-2026-41010

Exploit for CVE-2026-42945_A68A628E-AB61-551B-9ECD-769EA5A45A85

MasterStudy LMS Pro Plus <= 4.8.20 - Authenticated (Instructor+) SQL Injection via 'columns' Parameter_CVE-2026-8653

SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function_CVE-2026-10737

Protect Your Attack Surface with RedGem

Security Intelligence
Feed