Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

292 New today
64,923 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
285
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-56402

NanoClaw < 2.1.17 - Privilege Escalation via Unverified Approval Response Handler_CVE-2026-56402

NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the handleApprovalsResponse function that fails to verify responder role au...

nanocoai nanoclaw CVE
MEDIUM 5.8 CVE-2026-55767

Guzzle: Dot-Only Cookie Domains Match All Hosts in guzzlehttp/guzzle_CVE-2026-55767

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-pad...

guzzle guzzle < 7.12.1 CVE
MEDIUM 4.8 CVE-2026-55766

guzzlehttp/psr7: CRLF Injection in HTTP Start-Line Serialization_CVE-2026-55766

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain ...

guzzle psr7 < 2.12.1 CVE
MEDIUM 5.9 CVE-2026-55568

Guzzle: Silent HTTPS-Proxy Downgrade to Cleartext_CVE-2026-55568

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the prox...

guzzle guzzle < 7.12.1 CVE
MEDIUM 6.3 CVE-2026-54314

n8n: Denial of Service via ZIP decompression in webhook workflow_CVE-2026-54314

n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archi...

n8n-io n8n < 2.24.0 CVE
MEDIUM 6.5 CVE-2026-54313

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation_CVE-2026-54313

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filte...

n8n-io n8n < 2.24.0 CVE
HIGH 7.2 CVE-2026-54312

n8n: Microsoft SQL Node Prototype Pollution_CVE-2026-54312

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achi...

n8n-io n8n < 2.24.0 CVE
MEDIUM 6 CVE-2026-54311

n8n: Merge Node SQL Mode Prototype Pollution_CVE-2026-54311

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows...

n8n-io n8n >= 2.26.0, < 2.26.2 CVE
MEDIUM 6.5 CVE-2026-54310

n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes_CVE-2026-54310

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows...

n8n-io n8n >= 2.26.0, < 2.26.2 CVE