Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

219 New today

64,835 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

197

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 6

n8n: Merge Node SQL Mode Prototype Pollution_CVE-2026-54311

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all w...

CVE-2026-54311 n8n-io n8n >= 2.26.0, < 2.26.2

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-54310	n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes_CVE-2026-54310 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
HIGH 8.8	CVE-2026-54309	n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoi...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
MEDIUM 6.8	CVE-2026-54303	n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303 n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query par...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
HIGH 7.1	CVE-2025-62180	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain...	Pegasystems	Pega Infinity 8.3.0	Jun 23, 2026	CVE
LOW 3.5	CVE-2025-15619	HCL Connections is vulnerable to broken access control_CVE-2025-15619 HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.	HCLSoftware	Connections 7.0, 8.0	Jun 23, 2026	CVE
CRITICAL 9.8	TRENDMICROBLOG:...	From Langflow to Monero: Inside CVE-2026-33017 Cryptominer_TRENDMICROBLOG:D6D82F6102E243699FEABC242F869EE4 We tracked a cryptocurrency-mining campaign exploiting CVE-2026-33017, which revealed how threat actors are now scanning exposed AI application inf...	N/A	N/A	Jun 23, 2026	TRENDMICROBLOG
NONE	HACKREAD:A41968...	New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto_HACKREAD:A419683ACF762DB1E281C5DEA5248AF1 Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addres...	N/A	N/A	Jun 23, 2026	HACKREAD
NONE	MALWAREBYTES:32...	Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 Meta has paused a controversial employee‑tracking program after an internal security review found that highly granular keystroke and screen‑capture...	N/A	N/A	Jun 23, 2026	MALWAREBYTES
NONE	AKAMAIBLOG:F7FF...	AI Reconnaissance: The Missing Layer in Chatbot Security_AKAMAIBLOG:F7FF735B9CED18324CEDEF05F2700342 {“lastseen”:”2026-06-23T13:36:50″,”description”:””,”published”:”2026-06-23T15:00:...	N/A	N/A	Jun 23, 2026	AKAMAIBLOG

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

n8n: Merge Node SQL Mode Prototype Pollution_CVE-2026-54311

Recent Advisories

n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes_CVE-2026-54310

n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309

n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180

HCL Connections is vulnerable to broken access control_CVE-2025-15619

From Langflow to Monero: Inside CVE-2026-33017 Cryptominer_TRENDMICROBLOG:D6D82F6102E243699FEABC242F869EE4

New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto_HACKREAD:A419683ACF762DB1E281C5DEA5248AF1

Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613

AI Reconnaissance: The Missing Layer in Chatbot Security_AKAMAIBLOG:F7FF735B9CED18324CEDEF05F2700342

Protect Your Attack Surface with RedGem

Security Intelligence
Feed