Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

364 New today
66,027 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
364
Jun 26
Jun 27
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.1 CVE-2026-48942

Joomla Extension – getk2.com – Stored-XSS in K2 extension for Joomla < 2.26_CVE-2026-48942

K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.

getk2.com K2 extension for Joomla 1.0-2.26 CVE
HIGH 8.1 CVE-2026-9800

Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison_CVE-2026-9800

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role...

Red Hat Red Hat Build of Keycloak CVE
MEDIUM 4.6 CVE-2026-9799

Keycloak: keycloak: unauthorized access to resources via uma permission ticket bypass_CVE-2026-9799

A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access (UMA) permission ticket for one resource c...

Red Hat Red Hat Build of Keycloak CVE
MEDIUM 6.5 CVE-2026-9705

Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token_CVE-2026-9705

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), coul...

Red Hat Red Hat Build of Keycloak CVE
HIGH 7.7 CVE-2026-9099

Keycloak: group-admin escalation to realm-admin_CVE-2026-9099

A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild() endpoint within the Admin REST API allows an authentica...

Red Hat Red Hat Build of Keycloak CVE
HIGH 7.3 CVE-2026-9086

Keycloak: keycloak: cross-site scripting (xss) via case-insensitive uri validation bypass_CVE-2026-9086

A flaw was found in Keycloak. A remote attacker with administrative privileges, specifically those with `manage-client` permission or access to cli...

Red Hat Red Hat Build of Keycloak CVE
MEDIUM 4.9 CVE-2026-9083

Keycloak: keycloak: information disclosure through arbitrary filesystem path probing_CVE-2026-9083

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesyst...

Red Hat Red Hat Build of Keycloak CVE
CRITICAL 9.2 CVE-2026-56123

socat 1.8.0.0 – 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser_CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite ...

socat socat 1.8.0.0 CVE
MEDIUM 5.5 CVE-2026-55439

Halo: Path Traversal in Backup Download Leads to Arbitrary File Read_CVE-2026-55439

Halo is an open source website building tool. Prior to 2.24.3, a path traversal vulnerability in the backup download endpoint allows authenticated ...

halo-dev halo < 2.24.3 CVE