Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

165 New today

60,259 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

104

Jun 6

Critical

High

Medium

Low

Latest

THN CVSS 7.5

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog_THN:74EB74663A9229D934363355C5927F84

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQ_ZbsHhh5kUS5501itVSeBa91H50qNfHH_PQ1_2WEDLi-B_eKslYeu1_43fNAW55Z9TVR5ae8ZIGDm4vZQS0B7IHvG9Gdp4Knzt8QB1E7317tyEVhJYR8xo1HJ_vf6Ynrdtfj_u-pcryZ5NVulL7vw_9KLaGomIjKe40GYClUu-FDtXXwuKAfK7V8mKN-/s1600/solarwinds-serv-u...

THN:74EB74663A9229D934363355C5927F84

Jun 6, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	THN:DA2FCA79C0C...	Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI_THN:DA2FCA79C0C6D04CAA866AECB4D6FD68 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKr3KoscB_oGLqU5_JV16DIaB7jXY1ko8PiJDTuwrxbHcZV2DYJpfkx8lqwNbscwTSTVQUMwd8vBf-nI13mQ...	N/A	N/A	Jun 6, 2026	THN
HIGH 8	CB25E601-F8DB-	Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware_CB25E601-F8DB-5A0A-9D27-2D1C005BFA43 CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of concept exploit for CVE-2026-20452, a heap-based buffer overflow in MediaTek's WLAN Ac...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
NONE	THN:ED7CB5908CA...	Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack_THN:ED7CB5908CA7EDF70F93B2175FB7C683 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgG8k6LtHNQ3cHl_X1AZbXRn6LZCNZ6lMLjy-9HG7-_OQekMOhCQKkktrnMqVteXfmGHBMMlbTv3v9Rl6kKjX...	N/A	N/A	Jun 6, 2026	THN
HIGH 7.2	CVE-2026-9851	Booking Package <= 1.7.16 - Authenticated (Editor+) Privilege Escalation via Account Takeover to updateUser AJAX Action_CVE-2026-9851 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in versions up to, and including, 1.7.16. This ...	masaakitanaka	Booking Package	Jun 6, 2026	CVE
MEDIUM 6.5	CVE-2026-9829	Photo Gallery by 10Web <= 1.8.41 - Authenticated (Contributor+) SQL Injection via 'compact_album_order_by' Shortcode Parameter_CVE-2026-9829 The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based SQL Injection via 'compact_album_order_...	10web	Photo Gallery by 10Web – Mobile-Friendly Image Gallery	Jun 6, 2026	CVE
MEDIUM 4.4	CVE-2026-9594	WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter_CVE-2026-9594 The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Sc...	flippercode	WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-9016	Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action_CVE-2026-9016 The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for Logs in al...	qriouslad	Debug Log Manager – Conveniently Monitor and Inspect Errors	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-8839	MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints_CVE-2026-8839 The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and i...	chrisvrichardson	MapPress Maps for WordPress	Jun 6, 2026	CVE
MEDIUM 4.3	CVE-2026-8611	Klamra Paycal for Aspaclaria <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure via 'invoice_id' Parameter_CVE-2026-8611 The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4...	klamra22	Klamra Paycal for Aspaclaria	Jun 6, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog_THN:74EB74663A9229D934363355C5927F84

Recent Advisories

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI_THN:DA2FCA79C0C6D04CAA866AECB4D6FD68

Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware_CB25E601-F8DB-5A0A-9D27-2D1C005BFA43

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack_THN:ED7CB5908CA7EDF70F93B2175FB7C683

Booking Package <= 1.7.16 - Authenticated (Editor+) Privilege Escalation via Account Takeover to updateUser AJAX Action_CVE-2026-9851

Photo Gallery by 10Web <= 1.8.41 - Authenticated (Contributor+) SQL Injection via 'compact_album_order_by' Shortcode Parameter_CVE-2026-9829

WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter_CVE-2026-9594

Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action_CVE-2026-9016

MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints_CVE-2026-8839

Klamra Paycal for Aspaclaria <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure via 'invoice_id' Parameter_CVE-2026-8611

Protect Your Attack Surface with RedGem

Security Intelligence
Feed