Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

289 New today
64,604 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
283
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-9822

WP Hotel Booking < 2.3.1 - Subscriber+ Missing Authorization in Multiple AJAX Handlers_CVE-2026-9822

The WP Hotel Booking WordPress plugin before 2.3.1 does not enforce capability checks in several of its AJAX handlers, allowing authenticated users...

Unknown WP Hotel Booking CVE
CRITICAL 9.1 CVE-2025-62821

CVE-2025-62821_CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the repo...

Microsoft Microsoft HEIF Image Extensions 1.2.22.0 CVE
CRITICAL 9.8 CVE-2026-51846

CVE-2026-51846_CVE-2026-51846

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to r...

Tenda Tenda AC7 v15.03.06.44 CVE
CRITICAL 9.8 CVE-2026-51845

CVE-2026-51845_CVE-2026-51845

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.

Tenda Tenda AC7 v15.03.06.44 CVE
CRITICAL 9.8 CVE-2026-51844

CVE-2026-51844_CVE-2026-51844

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.

Tenda Tenda AC7 v15.03.06.44 CVE
CRITICAL 9.8 CVE-2026-51843

CVE-2026-51843_CVE-2026-51843

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.

Tenda Tenda AC7 v15.03.06.44 CVE
MEDIUM 6.1 CVE-2026-4110

Ultimate WooCommerce Auction Pro <= 2.4.5 - Reflected XSS via uwa_auctions_bids_list_CVE-2026-4110

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page,...

Unknown ultimate-woocommerce-auction-pro CVE
MEDIUM 5.3 CVE-2026-10530

Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token_CVE-2026-10530

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowin...

Unknown Pie Register CVE
HIGH 8.1 CVE-2025-66336

Apache Doris MCP Server: SQL injection leading the authentication bypass_CVE-2025-66336

Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-controlled database name is directly interpolated i...

Apache Software Foundation Apache Doris MCP Server 0.1.0 CVE