Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

324 New today

65,969 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

306

Jun 26

Critical

High

Medium

Low

Latest

THN CVSS 10

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks_THN:7EF04AAF4274557391FF629872DDC867

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsnAZNjHSEX7UtabbKNVn68uohH8pK5LKuU2CgckZTJowWHxYmEjx9ROquO9tFsThy-3_759_ko2TQEX4Wm3PI1Y-opfzyeAzW8Tni0-gz2YMtPMln9XQRzcKq1mviZSTW7MNShxVRhbuUXBSuNGTNStlwj_NCfFsyrptpXvkLNt5CUfARwENz0IshNDma/s1600/shark.jpg) A new...

THN:7EF04AAF4274557391FF629872DDC867

Jun 26, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.4	PACKETSTORM:224389	📄 Docmost Cross Site Scripting_PACKETSTORM:224389 Docmost versions prior to 0.71.0 suffer from a persistent cross site scripting vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 7.6	PACKETSTORM:224380	📄 TypeBot Server-Side Request Forgery_PACKETSTORM:224380 TypeBot versions prior to 3.16.0 suffer from a server-side request forgery vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 5.4	PACKETSTORM:224388	📄 Docmost 0.70.x Authorization Bypass_PACKETSTORM:224388 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored attachment insi...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 8.6	PACKETSTORM:224376	📄 Yeoman Environment 6.0.0 Code Execution_PACKETSTORM:224376 Yeoman Environment versions 2.9.0 through 6.0.0 have an issue where missing generators can be installed without user confirmation, turning attacker...	N/A	N/A	Jun 26, 2026	PACKETSTORM
NONE	PACKETSTORM:224373	📄 Penpot Server-Side Request Forgery_PACKETSTORM:224373 Penpot's remote image import let an authenticated file editor turn a normal media convenience feature into backend-origin server-side request forge...	N/A	N/A	Jun 26, 2026	PACKETSTORM
HIGH 8.3	PACKETSTORM:224372	📄 Plane Improper Authorization_PACKETSTORM:224372 Plane's asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one authenticated user rea...	N/A	N/A	Jun 26, 2026	PACKETSTORM
MEDIUM 4.3	PACKETSTORM:224390	📄 Docmost 0.70.2 Authorization Bypass_PACKETSTORM:224390 In Docmost versions 0.70.0 through 0.70.2, restricted child pages hidden from public share viewers could still leak through public share search res...	N/A	N/A	Jun 26, 2026	PACKETSTORM
NONE	PACKETSTORM:224403	📄 phpSysInfo 3.4.5 IP Allowlist Bypass_PACKETSTORM:224403 phpSysInfo versions 3.4.5 and below suffer from an IP Allowlist bypass vulnerability...	N/A	N/A	Jun 26, 2026	PACKETSTORM
NONE	PACKETSTORM:224409	📄 Peyara Remote Mouse 1.0.1 Unauthenticated Remote Code Execution_PACKETSTORM:224409 This Metasploit module exploits an unauthenticated remote code execution vulnerability in Peyara Remote Mouse 1.0.1. The application exposes a Sock...	N/A	N/A	Jun 26, 2026	PACKETSTORM

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks_THN:7EF04AAF4274557391FF629872DDC867

Recent Advisories

📄 Docmost Cross Site Scripting_PACKETSTORM:224389

📄 TypeBot Server-Side Request Forgery_PACKETSTORM:224380

📄 Docmost 0.70.x Authorization Bypass_PACKETSTORM:224388

📄 Yeoman Environment 6.0.0 Code Execution_PACKETSTORM:224376

📄 Penpot Server-Side Request Forgery_PACKETSTORM:224373

📄 Plane Improper Authorization_PACKETSTORM:224372

📄 Docmost 0.70.2 Authorization Bypass_PACKETSTORM:224390

📄 phpSysInfo 3.4.5 IP Allowlist Bypass_PACKETSTORM:224403

📄 Peyara Remote Mouse 1.0.1 Unauthenticated Remote Code Execution_PACKETSTORM:224409

Protect Your Attack Surface with RedGem

Security Intelligence
Feed