Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

66,777 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

sigqueue(2) missing capability mode restriction_CVE-2026-45259

sigqueue(2) was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kern_sigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use...

CVE-2026-45259 FreeBSD FreeBSD 15.0-RELEASE

Jun 27, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-45258	Multiple vulnerabilities in the sound(4) mmap path_CVE-2026-45258 dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This additio...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 27, 2026	CVE
HIGH 7.8	CVE-2026-49414	ASLR bypass for setuid executables via procctl(2)_CVE-2026-49414 The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather tha...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 27, 2026	CVE
CRITICAL 9.8	CVE-2026-49048	Joomla Extension – joomcoder.com – Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1_CVE-2026-49048 The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request ...	joomcoder.com	JoomCCK extension for Joomla 1.0-6.4.0	Jun 28, 2026	CVE
MEDIUM 4.3	CVE-2026-9676	f4 Post Tree < 2.0.5 - Subscriber+ Arbitrary Post Parent/Menu Order Modification_CVE-2026-9676 The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing a...	Unknown	F4 Post Tree	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-10083	APCu Manager < 4.5.0 - Unauthenticated Stored XSS via Cache Key Pollution_CVE-2026-10083 The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Sto...	Unknown	APCu Manager	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-41992	Global Buffer Overflow in GNU gzip_CVE-2026-41992 GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between dif...	GNU	gzip	Jun 29, 2026	CVE
LOW 2	CVE-2026-41991	Predictable Temporary File in GNU gzip_CVE-2026-41991 GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the...	GNU	gzip	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-13564	Edimax EW-7478APC POST Request formPPPoESetup stack-based overflow_CVE-2026-13564 A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component PO...	Edimax	EW-7478APC 1.04	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-13563	Edimax EW-7478APC POST Request formL2TPSetup stack-based overflow_CVE-2026-13563 A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the componen...	Edimax	EW-7478APC 1.04	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

sigqueue(2) missing capability mode restriction_CVE-2026-45259

Recent Advisories

Multiple vulnerabilities in the sound(4) mmap path_CVE-2026-45258

ASLR bypass for setuid executables via procctl(2)_CVE-2026-49414

Joomla Extension – joomcoder.com – Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1_CVE-2026-49048

f4 Post Tree < 2.0.5 - Subscriber+ Arbitrary Post Parent/Menu Order Modification_CVE-2026-9676

APCu Manager < 4.5.0 - Unauthenticated Stored XSS via Cache Key Pollution_CVE-2026-10083

Global Buffer Overflow in GNU gzip_CVE-2026-41992

Predictable Temporary File in GNU gzip_CVE-2026-41991

Edimax EW-7478APC POST Request formPPPoESetup stack-based overflow_CVE-2026-13564

Edimax EW-7478APC POST Request formL2TPSetup stack-based overflow_CVE-2026-13563

Protect Your Attack Surface with RedGem

Security Intelligence
Feed