Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

147 New today

64,446 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

125

Jun 22

Critical

High

Medium

Low

Latest

CVE CVSS 4.3

Global session revocation does not invalidate active WebSocket connections_CVE-2026-9162

Mattermost versions 11.7.x <= 11.7.0, 11.6.x <= 11.6.2, 11.5.x <= 11.5.5, 10.11.x <= 10.11.17 fail to invalidate cached authentication state for active WebSocket connections during global session revocation, which allows a user with an existing WebSocket connection to remain a...

CVE-2026-9162 Mattermost Mattermost 11.7.0

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.3	CVE-2026-9029	Stored XSS via Geomap Panel Template Variable Attribution Injection_CVE-2026-9029 The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent() runs on the raw template string before g...	Grafana	Grafana OSS 12.4.0	Jun 22, 2026	CVE
LOW 3.8	CVE-2026-8074	Improper Permission Check Allows User Manager to Deactivate Bot Accounts_CVE-2026-8074 Mattermost versions 11.7.x	Mattermost	Mattermost 11.7.0	Jun 22, 2026	CVE
MEDIUM 6.9	CVE-2026-7167	Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7167 The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fak...	Gaudire	Assassin game last version	Jun 22, 2026	CVE
CRITICAL 9.2	CVE-2026-7166	Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7166 Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘...	Gaudire	Assassin game last version	Jun 22, 2026	CVE
CRITICAL 9.4	CVE-2026-7165	Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7165 The vulnerability is present in the ‘/addJugador’ endpoint: * The 'keyJugador' and 'keyJugadorObjectiu' parameters allow the modification of ot...	Gaudire	Assassin game last version	Jun 22, 2026	CVE
MEDIUM 6.4	CVE-2026-6673	Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install_CVE-2026-6673 Mattermost versions 11.7.x	Mattermost	Mattermost 11.7.0	Jun 22, 2026	CVE
MEDIUM 4.4	7DF60A36-5B48-	Exploit for CVE-2026-2002_7DF60A36-5B48-59EB-A46D-66756D01D7E4 Sumary The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
HIGH 7	CVE-2026-6653	libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling_CVE-2026-6653 Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-servic...	GNOME	libxml2 2.9.11	Jun 22, 2026	CVE
MEDIUM 6.4	CVE-2026-6062	IDOR in Jira plugin subscription edit endpoint_CVE-2026-6062 Mattermost versions 11.7.x	Mattermost	Mattermost 11.7.0	Jun 22, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Global session revocation does not invalidate active WebSocket connections_CVE-2026-9162

Recent Advisories

Stored XSS via Geomap Panel Template Variable Attribution Injection_CVE-2026-9029

Improper Permission Check Allows User Manager to Deactivate Bot Accounts_CVE-2026-8074

Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7167

Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7166

Multiple vulnerabilities in the Assassin game by Gaudire_CVE-2026-7165

Mattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud install_CVE-2026-6673

Exploit for CVE-2026-2002_7DF60A36-5B48-59EB-A46D-66756D01D7E4

libxml2: Use after free in xmlParseInternalSubset via improper entity resolution handling_CVE-2026-6653

IDOR in Jira plugin subscription edit endpoint_CVE-2026-6062

Protect Your Attack Surface with RedGem

Security Intelligence
Feed