Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

85 New today

64,295 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 4.7

pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap_CVE-2026-48984

pam_usb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree() memory release helper in calls free() without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including o...

CVE-2026-48984 mcdope pam_usb < 0.9.2

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-9692	Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely_CVE-2026-9692 Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 h...	HAYAJO	Mojolicious::Sessions::Storable	Jun 18, 2026	CVE
MEDIUM 6.7	CVE-2026-55392	NILFS utilities – Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size_CVE-2026-55392 NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid() function fails to validate s_log_block_size field in NILFS2 superblock ...	nilfs-dev	nilfs-utils	Jun 18, 2026	CVE
MEDIUM 5.3	CVE-2026-48937	CVE-2026-48937_CVE-2026-48937 A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two su...	nodejs	node 22.22.3	Jun 18, 2026	CVE
MEDIUM 6.1	CVE-2026-47833	CVE-2026-47833_CVE-2026-47833 setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...	Cloud Foundry Foundation	bpm-release	Jun 18, 2026	CVE
HIGH 7.5	PACKETSTORM:223805	📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805 WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...	N/A	N/A	Jun 18, 2026	PACKETSTORM
NONE	F5663BA3-FD03-	NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F MCID15795619: Next.js Middleware Bypass PoC Executive Summary This repository contains the technical details and Proof of Concept PoC for a High-Se...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
NONE	0CF22E77-69CF-	SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6 SQL-Injection This project, developed in VS Code using JavaScript Node.js, demonstrates the mechanics and remediation of SQL Injection SQLi. It fea...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
HIGH 8.4	CVE-2026-12390	Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390 In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files w...	AzeoTech	DAQFactory	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-56099	OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099 OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within sys/netmpls/mpls_input...	openbsd	src	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap_CVE-2026-48984

Recent Advisories

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely_CVE-2026-9692

NILFS utilities – Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size_CVE-2026-55392

CVE-2026-48937_CVE-2026-48937

CVE-2026-47833_CVE-2026-47833

📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805

NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F

SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6

Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390

OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099

Protect Your Attack Surface with RedGem

Security Intelligence
Feed