Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

227 New today

66,926 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

222

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57326

Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions.

CVE-2026-57326 Strategy11 Team Business Directory n/a

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-57320	WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57320 Unauthenticated Cross Site Scripting (XSS) in BEAR	RealMag777	BEAR n/a	Jun 29, 2026	CVE
CRITICAL 10	CVE-2026-56290	Joomla Extension – joomlack.fr – Unauthenticated file upload in Page Builder CK extension < 3.6.0_CVE-2026-56290 The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to ...	joomlack.fr	JoomlaCK.fr Page Builder CK extension for Joomla 1.0-3.6.0	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-56124	phpUploader < 2.0.2 Unauthenticated Database Exposure via index model_CVE-2026-56124 phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents ...	shimosyan	phpUploader	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-55844	Home Assistant: iOS Companion App ignores internal SSID allowlist for connections – possible leak of access token and sensor data_CVE-2026-55844 Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores ...	home-assistant	core < 2025.5.0	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-55607	Claude Code: Sandbox Escape via Git Worktree Path Confusion Allows Unsandboxed Code Execution_CVE-2026-55607 Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktrees named ".git" and n...	anthropics	claude-code >= 2.1.38, < 2.1.163	Jun 29, 2026	CVE
MEDIUM 4.4	CVE-2026-46406	Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write_CVE-2026-46406 Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (...	anthropics	claude-code >= 2.1.59, < 2.1.128	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13579	itsourcecode Hospital Management System patientchangepassword.php sql injection_CVE-2026-13579 A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /pa...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13578	itsourcecode Hospital Management System patientdetail.php sql injection_CVE-2026-13578 A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of t...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 4.8	CVE-2026-13574	llvm llvm-project Bitcode File IntrinsicInst.cpp getBasePtr heap-based overflow_CVE-2026-13574 A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/I...	llvm	llvm-project 22.1.0	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57326

Recent Advisories

WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57320

Joomla Extension – joomlack.fr – Unauthenticated file upload in Page Builder CK extension < 3.6.0_CVE-2026-56290

phpUploader < 2.0.2 Unauthenticated Database Exposure via index model_CVE-2026-56124

Home Assistant: iOS Companion App ignores internal SSID allowlist for connections – possible leak of access token and sensor data_CVE-2026-55844

Claude Code: Sandbox Escape via Git Worktree Path Confusion Allows Unsandboxed Code Execution_CVE-2026-55607

Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write_CVE-2026-46406

itsourcecode Hospital Management System patientchangepassword.php sql injection_CVE-2026-13579

itsourcecode Hospital Management System patientdetail.php sql injection_CVE-2026-13578

llvm llvm-project Bitcode File IntrinsicInst.cpp getBasePtr heap-based overflow_CVE-2026-13574

Protect Your Attack Surface with RedGem

Security Intelligence
Feed