Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

94 New today

64,311 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Jun 22

Critical

High

Medium

Low

Latest

CVE CVSS 7.1

DevGuard has improper authorization on public assets_CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/proje...

CVE-2026-48089 l3montree-dev devguard < 1.4.2

Jun 19, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-50559	Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559 Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....	quarkusio	quarkus >= 3.36.0, < 3.36.3	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-49346	libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...	strukturag	libde265 < 1.1.0	Jun 19, 2026	CVE
MEDIUM 4.3	CVE-2026-49337	libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_...	strukturag	libde265 < 1.0.20	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-49295	libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295 libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds a...	strukturag	libde265 < 1.0.20	Jun 19, 2026	CVE
LOW 1.3	CVE-2026-48794	Authelia has an Edge Case Access Control Rule Mismatch_CVE-2026-48794 Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...	authelia	authelia >= 4.36.0, < 4.39.20	Jun 19, 2026	CVE
MEDIUM 6.5	CVE-2026-48129	Kestra task inputFiles accepts traversal filenames for worker file writes_CVE-2026-48129 Kestra is an open-source, event-driven orchestration platform. Prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, Kestra task `inputFiles` write...	kestra-io	kestra < 1.0.43	Jun 19, 2026	CVE
LOW 2.9	CVE-2026-47203	Authelia Missing Username Canonicalization in Basic Auth (LDAP)_CVE-2026-47203 Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...	authelia	authelia >= 4.38.0, < 4.39.20	Jun 19, 2026	CVE
MEDIUM 6.5	CVE-2026-50519	Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability_CVE-2026-50519 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:28:35.395Z”,&#82...	Microsoft	GitHub Copilot Chat 1.0.0	Jun 19, 2026	CVE
CRITICAL 9.9	CVE-2026-48584	Microsoft Azure Synapse Elevation of Privilege Vulnerability_CVE-2026-48584 {“lastseen”:””,”description”:””,”published”:”2026-06-19T20:27:48.494Z”,&#82...	Microsoft	Azure Synapse -	Jun 19, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

DevGuard has improper authorization on public assets_CVE-2026-48089

Recent Advisories

Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559

libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346

libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337

libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295

Authelia has an Edge Case Access Control Rule Mismatch_CVE-2026-48794

Kestra task inputFiles accepts traversal filenames for worker file writes_CVE-2026-48129

Authelia Missing Username Canonicalization in Basic Auth (LDAP)_CVE-2026-47203

Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability_CVE-2026-50519

Microsoft Azure Synapse Elevation of Privilege Vulnerability_CVE-2026-48584

Protect Your Attack Surface with RedGem

Security Intelligence
Feed