Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

224 New today

65,343 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 6.3

ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.

CVE-2026-56368 ImageMagick ImageMagick

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.1	CVE-2026-56358	n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358 n8n before 1.123.25 (1.x) and before 2.11.2 (2.x), with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in th...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56351	n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351 n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to in...	n8n	n8n	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56338	Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338 Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authe...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56337	Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337 Capgo before 12.128.2 contains an information disclosure vulnerability in the public.exist_app_v2 RPC function that allows unauthenticated attacker...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56310	Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310 Cap-go before 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to...	Cap-go	capgo	Jun 24, 2026	CVE
MEDIUM 6.9	CVE-2026-56302	Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302 Capgo before 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, inse...	Capgo	Capgo	Jun 24, 2026	CVE
MEDIUM 5.6	CVE-2026-56272	Flowise – Insufficient Password Salt Rounds in Bcrypt Hashing_CVE-2026-56272 Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds...	Flowise	Flowise	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-56270	Flowise – Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod Endpoint_CVE-2026-56270 Flowise before 3.1.0 (versions 3.0.13 and earlier) contains a missing authentication vulnerability in the /api/v1/loginmethod endpoint that allows ...	Flowise	Flowise	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-56269	Flowise – Weak Default Token Hash Secret in JWT Token Encryption_CVE-2026-56269 Flowise before 3.1.0 (npm package flowise, versions 3.0.13 and earlier) uses a weak hardcoded default value 'Secre$t' for the TOKEN_HASH_SECRET env...	Flowise	Flowise	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

ImageMagick – Memory Leak in Raw Pixel Data Coders_CVE-2026-56368

Recent Advisories

n8n – Stored Cross-Site Scripting in Form Trigger Node_CVE-2026-56358

n8n – SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes_CVE-2026-56351

Capgo – Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint_CVE-2026-56338

Capgo – Information Disclosure via Unauthenticated RPC Function exist_app_v2_CVE-2026-56337

Cap-go – Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass_CVE-2026-56310

Capgo – Unsecured Supabase Images Bucket via Missing Row Level Security_CVE-2026-56302

Flowise – Insufficient Password Salt Rounds in Bcrypt Hashing_CVE-2026-56272

Flowise – Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod Endpoint_CVE-2026-56270

Flowise – Weak Default Token Hash Secret in JWT Token Encryption_CVE-2026-56269

Protect Your Attack Surface with RedGem

Security Intelligence
Feed