Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

55 New today
62,196 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

417
Jun 1
295
Jun 2
151
Jun 3
354
Jun 4
517
Jun 5
109
Jun 6
32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
55
Jun 13
Jun 14
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.3 CVE-2026-47263

Discourse: Prevent webhook payload disclosure on event redelivery_CVE-2026-47263

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0...

discourse discourse >= 2026.1.0-latest, < 2026.1.4 CVE
MEDIUM 6.8 CVE-2026-45775

Discourse: Cross-site backup access via path traversal in multisite local backups_CVE-2026-45775

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0...

discourse discourse >= 2026.1.0-latest, < 2026.1.4 CVE
MEDIUM 5.3 CVE-2026-45085

Discourse: Chat misauthorization and information disclosure_CVE-2026-45085

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0...

discourse discourse >= 2026.1.0-latest, < 2026.1.4 CVE
MEDIUM 5.3 CVE-2026-45014

Apostrophe Vulnerable to Stored Cross-Site Scripting via Unsanitized User Display Name in Draft Version Tooltip_CVE-2026-45014

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 are vulnerable to stored cross-site scriptin...

apostrophecms apostrophe <= 4.29.0 CVE
HIGH 8.1 CVE-2026-45013

Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation_CVE-2026-45013

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs t...

apostrophecms apostrophe <= 4.29.0 CVE
HIGH 7.6 CVE-2026-45012

Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget_CVE-2026-45012

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 contain an authenticated server-side request...

apostrophecms apostrophe <= 4.29.0 CVE
HIGH 7.3 CVE-2026-45011

Apostrophe has stored XSS via javascript: URL in Image Widget Link_CVE-2026-45011

ApostropheCMS is an open-source Node.js content management system. Version 4.29.0 has a stored cross-site scripting vulnerability in the image widg...

apostrophecms apostrophe = 4.29.0 CVE
CRITICAL 9.3 CVE-2026-44990

Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`_CVE-2026-44990

ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the d...

apostrophecms sanitize-html < 2.17.4 CVE
HIGH 7.5 CVE-2026-44786

Discourse: Public chat MessageBus broadcasts are not restricted to chat-eligible users_CVE-2026-44786

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0...

discourse discourse >= 2026.1.0-latest, < 2026.1.4 CVE