Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

408 New today
62,727 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

151
Jun 3
354
Jun 4
517
Jun 5
109
Jun 6
32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
15
Jun 16
Critical
High
Medium
Low
Latest
CVE CVSS 8.8

Premmerce Dev Tools <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via Plugin Creation_CVE-2026-6933

The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, com...

CVE-2026-6933 premmerce Premmerce Dev Tools
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-5149

RTMKit <= 2.0.7 - Authenticated (Contributor+) Missing Authorization to Arbitrary Form Submission Access via 'entries_id' Parameter_CVE-2026-5149

The RTMKit plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.7 This is due to the get_submiss...

rometheme RTMKit CVE
MEDIUM 6.7 CVE-2026-50255

CVE-2026-50255_CVE-2026-50255

Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbi...

Sony Corporation Optical Disc Archive Software for Windows 5.5.3 and earlier CVE
MEDIUM 4.3 CVE-2026-10780

Static Block <= 2.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via Shortcode 'id' Attribute_CVE-2026-10780

The Static Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2. This is due to t...

mohammadtanzilurrahman Static Block CVE
MEDIUM 6.3 CVE-2026-10635

Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init_CVE-2026-10635

On Xtensa targets with CONFIG_USERSPACE and CONFIG_XTENSA_MMU, the page-table code (arch/xtensa/core/ptables.c) maintains a global list, xtensa_dom...

zephyrproject zephyr 4.4.0 CVE
NONE B330A5D9-A16C-

Mr-Robot-CTF-Automation-Scripts_B330A5D9-A16C-5448-ACE0-A24AA4413B17

No description provided...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 CVE-2026-7273

CVE-2026-7273_CVE-2026-7273

A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-ba...

Zyxel GS1900-48HPv2 firmware <= 2.90(ABTQ.1)C0 CVE
CRITICAL 10 5773EA35-AE6F-

Exploit for Deserialization of Untrusted Data in Facebook React_5773EA35-AE6F-5F32-8C58-AE355FF2E15B

CVE-2025-55182 — React2Shell Critical pre-authentication Remote Code Execution vulnerability in React Server Components RSC, Next.js, and related f...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.6 CVE-2026-42014

Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin_CVE-2026-42014

A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vu...

Red Hat Red Hat Enterprise Linux 10 0:3.8.10-4.el10_2 CVE
MEDIUM 5.6 CVE-2026-1767

Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leading to denial of service or information disclosure via malformed mp3 id3 tags_CVE-2026-1767

A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker cou...

Red Hat Red Hat Enterprise Linux 10 CVE