Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

285 New today

64,923 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

285

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 7.8

tarfile extraction filter bypass allows escaping the destination directory_CVE-2026-11940

tarfile.extractall() with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at ...

CVE-2026-11940 Python Software Foundation CPython

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2025-61025	CVE-2025-61025_CVE-2025-61025 An issue in the sslr_qst_get component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL ...	n/a	n/a n/a	Jun 23, 2026	CVE
HIGH 7.5	CVE-2025-61022	CVE-2025-61022_CVE-2025-61022 An issue in the sqlo_tb_col_preds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted...	n/a	n/a n/a	Jun 23, 2026	CVE
HIGH 7.5	CVE-2025-61020	CVE-2025-61020_CVE-2025-61020 An issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafte...	n/a	n/a n/a	Jun 23, 2026	CVE
HIGH 7.5	CVE-2025-61018	CVE-2025-61018_CVE-2025-61018 An issue in the sqlo_place_dt_set component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted...	n/a	n/a n/a	Jun 23, 2026	CVE
MEDIUM 4.4	CVE-2025-13162	Advant Master Online Builder DLL vulnerability_CVE-2025-13162 Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: throug...	ABB	Control Builder A	Jun 23, 2026	CVE
LOW 2.9	CVE-2026-57062	CVE-2026-57062_CVE-2026-57062 CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to...	GnuPG	GnuPG	Jun 23, 2026	CVE
MEDIUM 4	CVE-2026-57053	CVE-2026-57053_CVE-2026-57053 GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_inte...	GNU	libidn	Jun 23, 2026	CVE
MEDIUM 4.3	CVE-2026-55517	Deno: Denial of service via non-ASCII bytes in WebSocket response headers_CVE-2026-55517 Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed...	denoland	deno < 2.7.5	Jun 23, 2026	CVE
MEDIUM 6	CVE-2026-54316	Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch_CVE-2026-54316 Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the ...	anthropics	claude-code >= 0.2.54, < 2.1.163	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

tarfile extraction filter bypass allows escaping the destination directory_CVE-2026-11940

Recent Advisories

CVE-2025-61025_CVE-2025-61025

CVE-2025-61022_CVE-2025-61022

CVE-2025-61020_CVE-2025-61020

CVE-2025-61018_CVE-2025-61018

Advant Master Online Builder DLL vulnerability_CVE-2025-13162

CVE-2026-57062_CVE-2026-57062

CVE-2026-57053_CVE-2026-57053

Deno: Denial of service via non-ASCII bytes in WebSocket response headers_CVE-2026-55517

Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch_CVE-2026-54316

Protect Your Attack Surface with RedGem

Security Intelligence
Feed