Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

193 New today
65,120 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
188
Jun 24
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 EECE9D9F-6DA3-

Exploit for Path Traversal in Apache Http_Server_EECE9D9F-6DA3-5669-A840-4B74F51D2FBB

CVE-2021-42013 — PoC: Path Traversal + RCE via modcgi bypass de parche Solo para uso en entornos controlados y propios. No usar contra sistemas sin...

N/A N/A GITHUBEXPLOIT
HIGH 8.9 CVE-2026-12681

CVE-2026-12681_CVE-2026-12681

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does not advan...

Google go-attestation CVE
HIGH 8.7 CVE-2026-7574

Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use_CVE-2026-7574

Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) val...

Anthropic Claude Desktop Cowork 1.1348.0 CVE
MEDIUM 5.1 CVE-2026-6458

AES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is Empty_CVE-2026-6458

Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming...

Caliptra Core Runtime Firmware 2.0.0 CVE
HIGH 7.2 CVE-2026-5818

MCU Firmware Update Authentication Bypass on Caliptra Core_CVE-2026-5818

Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of Caliptra Cor...

Caliptra Core Runtime Firmware 2.0.0 CVE
HIGH 8.8 CVE-2026-54639

Style Dictionary – Prototype Pollution in convertTokenData utility function_CVE-2026-54639

Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to...

style-dictionary style-dictionary >= 4.3.0, < 5.4.4 CVE
CRITICAL 9.8 D76E3BC5-2C10-

Exploit for Improper Access Control in Getgrav Grav-Plugin-Admin_D76E3BC5-2C10-52DE-8FE2-24C1C9C72D09

this is my version i found a lot in internet but those are too bad USAGE python3 exploit.py -u http://IP/grav-admin/ --lhost YOUR TUN0 IP --lport 4...

N/A N/A GITHUBEXPLOIT
HIGH 8.1 CVE-2026-39253

CVE-2026-39253_CVE-2026-39253

An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Se...

n/a n/a n/a CVE
MEDIUM 5.3 CVE-2026-54517

jackson-databind: @JsonView bypass for setterless creator properties_CVE-2026-54517

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3....

FasterXML jackson-databind >= 2.21.0, < 2.21.4 CVE