Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

128 New today

64,732 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 5.4

Fabric.js: Improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization_CVE-2026-44311

Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting (XSS) vulnerability exists in Fabric.js due to improper escaping of user-controlled input during SVG serialization via the toSVG() method. Specifically, the color field within the ...

CVE-2026-44311 fabricjs fabric.js < 7.4.0

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.6	CVE-2025-71358	picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity_CVE-2025-71358 picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce method...	picklescan	picklescan	Jun 22, 2026	CVE
HIGH 7.6	CVE-2025-71344	picklescan – Arbitrary Code Execution via Undetected ensurepip._run_pip Function_CVE-2025-71344 picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files...	picklescan	picklescan	Jun 22, 2026	CVE
HIGH 7.6	CVE-2025-71339	Picklescan – Arbitrary Code Execution via numpy.f2py.crackfortran._eval_length Gadget_CVE-2025-71339 Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code exec...	Picklescan	Picklescan	Jun 22, 2026	CVE
CRITICAL 9.3	4DC88245-D5D6-	Exploit for CVE-2026-49772_4DC88245-D5D6-582C-AA2B-EE9293E136F3 The Events Calendar SQL Injection CVE-2026-49772 PoC Description CVE-2026-49772 is an unauthenticated blind SQL injection in the WordPress plugin T...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
CRITICAL 9.3	PACKETSTORM:224001	📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials_PACKETSTORM:224001 Silver Leaf Technologies - Worksnaps.net Worksnaps suffers from a hardcoded credential vulnerability. Several application binaries contained hardco...	N/A	N/A	Jun 22, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:223999	📄 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Missing Secure-Boot / Static Passwords_PACKETSTORM:223999 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 leaks the firmware signing private key, is missing a secure-boot mechanism, has unencrypted flash memory...	N/A	N/A	Jun 22, 2026	PACKETSTORM
HIGH 8.8	MS:CVE-2026-12443	Chromium: CVE-2026-12443 Use after free in Web Authentication_MS:CVE-2026-12443 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-12452	Chromium: CVE-2026-12452 Use after free in Downloads_MS:CVE-2026-12452 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
MEDIUM 6.1	MS:CVE-2026-12459	Chromium: CVE-2026-12459 Inappropriate implementation in Serial_MS:CVE-2026-12459 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Fabric.js: Improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization_CVE-2026-44311

Recent Advisories

picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity_CVE-2025-71358

picklescan – Arbitrary Code Execution via Undetected ensurepip._run_pip Function_CVE-2025-71344

Picklescan – Arbitrary Code Execution via numpy.f2py.crackfortran._eval_length Gadget_CVE-2025-71339

Exploit for CVE-2026-49772_4DC88245-D5D6-582C-AA2B-EE9293E136F3

📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials_PACKETSTORM:224001

📄 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Missing Secure-Boot / Static Passwords_PACKETSTORM:223999

Chromium: CVE-2026-12443 Use after free in Web Authentication_MS:CVE-2026-12443

Chromium: CVE-2026-12452 Use after free in Downloads_MS:CVE-2026-12452

Chromium: CVE-2026-12459 Inappropriate implementation in Serial_MS:CVE-2026-12459

Protect Your Attack Surface with RedGem

Security Intelligence
Feed