Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

311 New today
65,953 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
290
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.6 CVE-2026-54826

WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-54826

Subscriber Insecure Direct Object References (IDOR) in SupportCandy

PSM Plugins SupportCandy n/a CVE
CRITICAL 9.3 CVE-2026-54825

WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability_CVE-2026-54825

Unauthenticated SQL Injection in wpDataTables

wpDataTables wpDataTables n/a CVE
HIGH 7.5 CVE-2026-54824

WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability_CVE-2026-54824

Unauthenticated Sensitive Data Exposure in Ads by WPQuads

Ads WPQuads Ads by WPQuads n/a CVE
CRITICAL 9.3 CVE-2026-54820

WordPress JetBooking plugin <= 4.0.4.1 - SQL Injection vulnerability_CVE-2026-54820

Unauthenticated SQL Injection in JetBooking

Crocoblock. Jetimpex Inc. JetBooking n/a CVE
MEDIUM 6.5 CVE-2026-52701

WordPress User Registration plugin <= 5.2.2 - Broken Access Control vulnerability_CVE-2026-52701

Unauthenticated Broken Access Control in User Registration

Themegrill User Registration n/a CVE
MEDIUM 6.5 CVE-2026-4339

SSRF via unvalidated attachment URLs in Mattermost Agents plugin MCP server_CVE-2026-4339

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE
HIGH 7.8 CVE-2026-45257

Arbitrary file overwrite via the KTLS receive path_CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assump...

FreeBSD FreeBSD 15.0-RELEASE CVE
MEDIUM 5.5 CVE-2026-45256

Missing permission check in thr_kill2(2)_CVE-2026-45256

When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not ...

FreeBSD FreeBSD 15.0-RELEASE CVE
LOW 3.5 CVE-2026-3472

Markdown image rendering bypass in AI bot tool result posts in Mattermost_CVE-2026-3472

Mattermost versions 10.11.x

Mattermost Mattermost 10.11.0 CVE