Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

147 New today
59,318 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
34
Jun 4
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.1 CVE-2026-20175

Cisco Finesse File Inclusion Vulnerability_CVE-2026-20175

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user ...

Cisco Cisco Finesse 11.0(1)ES_Rollback CVE
HIGH 8.4 CVE-2026-7888

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction._CVE-2026-7888

Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that la...

Concrete CMS Concrete CMS 5.0 CVE
MEDIUM 4.4 CVE-2026-45702

OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic_CVE-2026-45702

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZo...

OP-TEE optee_os >= 4.3.0, < 4.11.0 CVE
MEDIUM 4.7 CVE-2026-45614

OP-TEE vulnerable to ECDH private key recovery_CVE-2026-45614

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZo...

OP-TEE optee_os < 4.11.0 CVE
MEDIUM 5.1 CVE-2026-42840

ERPNext 16.16.0 – Stored XSS in POS customer section via unescaped template literals_CVE-2026-42840

An authenticated user can persist arbitrary HTML/JavaScript in the email_id or mobile_no fields of a Customer record and trigger unescaped renderin...

Frappe ERPNext 16.16.0 CVE
MEDIUM 4.8 CVE-2026-42839

ERPNext 16.16.0 – Stored XSS in POS cart item rendering_CVE-2026-42839

An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the item_name, description, or image field...

Frappe ERPNext 16.16.0 CVE
CRITICAL 9.8 PACKETSTORM:222614

📄 MCPJam Inspector 1.4.2 Command Injection_PACKETSTORM:222614

This is an advanced Python proof of concept for CVE-2026-23744 demonstrating command injection through a vulnerable MCP API endpoint, leading to re...

N/A N/A PACKETSTORM
CRITICAL 9.8 7FE5A510-990A-

Exploit for Prototype Pollution in Cure53 Dompurify_7FE5A510-990A-5CCB-9427-6AA5D7B10937

No description provided...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 393A755A-8E32-

Exploit for Stack-based Buffer Overflow in Microsoft_393A755A-8E32-59DA-B6AC-2DE1A68B3BB0

LongLogon · CVE-2026-41089 LongLogon is an unauthenticated, non-destructive precondition checker for CVE-2026-41089, a pre-auth stack buffer overfl...

N/A N/A GITHUBEXPLOIT