Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

221 New today

65,806 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

144

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 7.5

File Browser: Incorrect access control in public directory shares via rule path rebasing_CVE-2026-54091

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate des...

CVE-2026-54091 filebrowser filebrowser < 2.63.6

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	CVE-2026-54090	File Browser: Command Allowlist Bypass via Shell Metacharacter Injection_CVE-2026-54090 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.33.8	Jun 25, 2026	CVE
CRITICAL 9.1	CVE-2026-54089	File Browser: Authentication Bypass via Proxy Auth Header Forgery_CVE-2026-54089 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting w...	filebrowser	filebrowser >= 2.0.0-rc.1	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54088	File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)_CVE-2026-54088 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2...	filebrowser	filebrowser < 2.63.6	Jun 25, 2026	CVE
HIGH 7.8	CVE-2026-53925	Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration_CVE-2026-53925 Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the secure_popen() function in glances/secure.py interpret...	nicolargo	glances >= 4.0.8, < 4.5.5	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-46611	Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack_CVE-2026-46611 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s, implemented in glances/ser...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.4	CVE-2026-46608	Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)_CVE-2026-46608 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s) introduced a configurable ...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.8	CVE-2026-46607	Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution_CVE-2026-46607 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load() to read a version-check cac...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 7.8	CVE-2026-46606	Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py_CVE-2026-46606 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engine...	nicolargo	glances < 4.5.5	Jun 25, 2026	CVE
HIGH 8.4	CVE-2026-12921	Use after free in AzeoTech DAQFactory_CVE-2026-12921 In AzeoTech DAQFactory versions 21.1 and prior, a Use After Free vulnerability can be exploited by an attacker using specially crafted .ctl files w...	AzeoTech	DAQFactory	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

File Browser: Incorrect access control in public directory shares via rule path rebasing_CVE-2026-54091

Recent Advisories

File Browser: Command Allowlist Bypass via Shell Metacharacter Injection_CVE-2026-54090

File Browser: Authentication Bypass via Proxy Auth Header Forgery_CVE-2026-54089

File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)_CVE-2026-54088

Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration_CVE-2026-53925

Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack_CVE-2026-46611

Glances: XML-RPC Multi-Origin CORS Configuration Silently Falls Back to Wildcard (Incomplete Fix for CVE-2026-33533)_CVE-2026-46608

Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution_CVE-2026-46607

Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py_CVE-2026-46606

Use after free in AzeoTech DAQFactory_CVE-2026-12921

Protect Your Attack Surface with RedGem

Security Intelligence
Feed