Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

476 New today
60,172 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
354
Jun 4
517
Jun 5
17
Jun 6
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.4 CVE-2026-10968

CVE-2026-10968_CVE-2026-10968

Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised...

Google Chrome 149.0.7827.53 CVE
HIGH 8.8 CVE-2026-10966

CVE-2026-10966_CVE-2026-10966

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape vi...

Google Chrome 149.0.7827.53 CVE
HIGH 8.8 CVE-2026-10955

CVE-2026-10955_CVE-2026-10955

Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory ac...

Google Chrome 149.0.7827.53 CVE
MEDIUM 6.4 CVE-2026-9281

Master Addons For Elementor <= 3.1.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'jtlma_custom_js' Page Setting (Custom JS Extension)_CVE-2026-9281

The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin for WordPress is vulnerable to Stored Cr...

litonice13 Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits CVE
MEDIUM 4.3 CVE-2026-9008

Page-list <= 6.2 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure via Shortcode Attributes_CVE-2026-9008

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelist_un...

webvitaly Page-list CVE
HIGH 7.2 CVE-2026-8901

Integration for Freshsales <= 1.0.15 - Unauthenticated Stored Cross-Site Scripting via Form Submission Data_CVE-2026-8901

The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored Cross-Site...

plugcrux Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More CVE
HIGH 7.2 CVE-2026-8438

All-In-One Security (AIOS) <= 5.4.7 - Unauthenticated Stored Cross-Site Scripting via REST API Request Path_CVE-2026-8438

The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and incl...

davidanderson All-In-One Security (AIOS) – Security and Firewall CVE
MEDIUM 6.1 CVE-2026-9280

Ad Inserter <= 2.8.15 - Reflected Cross-Site Scripting via URL Parameters in iframe Mode_CVE-2026-9280

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode i...

spacetime Ad Inserter – Ad Manager & AdSense Ads CVE
MEDIUM 4.9 CVE-2026-9197

Smart Slider 3 <= 3.5.1.36 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'src'/'srcset' Attribute in HTML Export_CVE-2026-9197

The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImag...

nextendweb Smart Slider 3 CVE