Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

208 New today

59,492 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

208

Jun 4

Jun 5

Critical

High

Medium

Low

Latest

CVE CVSS 8.6

Shibby Tomato Web UI rc start_6rd_tunnel os command injection_CVE-2026-10871

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv6_6rd_borderrelay leads to os command injection. It is possible to launch the ...

CVE-2026-10871 Shibby Tomato 1.28.0000

Jun 4, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-8888	CVE-2026-8888_CVE-2026-8888 Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressio...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
HIGH 7.5	CVE-2026-8881	CVE-2026-8881_CVE-2026-8881 Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been b...	Securly	Securly Chrome Extension	Jun 3, 2026	CVE
MEDIUM 6.5	CVE-2026-8722	Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections_CVE-2026-8722 Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes...	TEAM	Net::Async::Statsd::Client	Jun 3, 2026	CVE
CRITICAL 9.8	CVE-2025-67446	CVE-2025-67446_CVE-2025-67446 Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cook...	Neterbit	NW-431F Router 20241014-IR03 and before	Jun 4, 2026	CVE
HIGH 7.4	CVE-2026-50292	CVE-2026-50292_CVE-2026-50292 In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary roo...	freedesktop	libinput	Jun 4, 2026	CVE
MEDIUM 6.8	CVE-2026-48040	netty-incubator-codec-ohttp’s Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access_CVE-2026-48040 The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP (RFC 9458) using BoringSSL's HPKE C li...	netty	netty-incubator-codec-ohttp < 0.0.22.Final	Jun 4, 2026	CVE
MEDIUM 5.4	CVE-2026-42547	IRIS Alerts Can be Falsely Attributed to Customers_CVE-2026-42547 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, use...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
MEDIUM 4.3	CVE-2026-42543	IRIS has a Cross-Site Request Forgery (CSRF) issue_CVE-2026-42543 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vul...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE
MEDIUM 4.3	CVE-2026-42540	IRIS has a Mass Assignment issue_CVE-2026-42540 IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a...	dfir-iris	iris-web < 2.4.28	Jun 4, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Shibby Tomato Web UI rc start_6rd_tunnel os command injection_CVE-2026-10871

Recent Advisories

CVE-2026-8888_CVE-2026-8888

CVE-2026-8881_CVE-2026-8881

Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections_CVE-2026-8722

CVE-2025-67446_CVE-2025-67446

CVE-2026-50292_CVE-2026-50292

netty-incubator-codec-ohttp’s Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access_CVE-2026-48040

IRIS Alerts Can be Falsely Attributed to Customers_CVE-2026-42547

IRIS has a Cross-Site Request Forgery (CSRF) issue_CVE-2026-42543

IRIS has a Mass Assignment issue_CVE-2026-42540

Protect Your Attack Surface with RedGem

Security Intelligence
Feed