Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

243 New today

65,336 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 5.4

AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute_CVE-2026-10531

The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE-2026-10531 Unknown AI Share & Summarize

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-56761	hono – HTML Injection via Improper JSX Attribute Name Handling in SSR_CVE-2026-56761 hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using ...	hono	hono	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-56370	ImageMagick – Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact_CVE-2026-56370 ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artif...	ImageMagick	ImageMagick	Jun 24, 2026	CVE
MEDIUM 6.3	CVE-2026-56368	ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368 ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not prope...	ImageMagick	ImageMagick	Jun 24, 2026	CVE
MEDIUM 5.1	CVE-2026-56358	n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358 n8n before 1.123.25 (1.x) and before 2.11.2 (2.x), with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in th...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56351	n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351 n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to in...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56338	Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338 Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authe...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56337	Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337 Capgo before 12.128.2 contains an information disclosure vulnerability in the public.exist_app_v2 RPC function that allows unauthenticated attacker...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56310	Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310 Cap-go before 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to...	Cap-go	capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56302	Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302 Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, inse...	Capgo	Capgo	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute_CVE-2026-10531

Recent Advisories

hono – HTML Injection via Improper JSX Attribute Name Handling in SSR_CVE-2026-56761

ImageMagick – Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact_CVE-2026-56370

ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368

n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358

n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351

Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338

Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337

Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310

Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302

Protect Your Attack Surface with RedGem

Security Intelligence
Feed