Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

91 New today

64,314 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Jun 22

Critical

High

Medium

Low

Latest

CVE CVSS 6.9

Capgo – Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint_CVE-2026-56299

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusPro...

CVE-2026-56299 Capgo Capgo

Jun 21, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-56265	Crawl4AI – Authentication Bypass via Hardcoded JWT Signing Key_CVE-2026-56265 Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attacker...	Crawl4AI	Crawl4AI	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56253	Capgo – Unauthenticated Organization Member Email Disclosure via get_org_members RPC_CVE-2026-56253 Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated atta...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7	CVE-2026-56251	Capgo – Privilege Escalation via Broken Row Level Security in org_users_CVE-2026-56251 Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56242	Capgo – Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC_CVE-2026-56242 Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for suppli...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.2	CVE-2026-56239	Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage_CVE-2026-56239 Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which pe...	Capgo	Capgo	Jun 21, 2026	CVE
MEDIUM 6.8	CVE-2026-56236	Capgo CLI – Arbitrary File Overwrite via Symlink-Following in Local Credential Operations_CVE-2026-56236 Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without ...	capgo	cli	Jun 21, 2026	CVE
HIGH 7.1	CVE-2026-56229	Capgo – Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs_CVE-2026-56229 Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access...	Capgo	Capgo	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71378	picklescan – Remote Code Execution via Undetected cProfile.runctx in Pickle Files_CVE-2025-71378 picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code...	picklescan	picklescan	Jun 21, 2026	CVE
HIGH 7.6	CVE-2025-71357	picklescan – Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand_CVE-2025-71357 picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers c...	picklescan	picklescan	Jun 21, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Capgo – Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint_CVE-2026-56299

Recent Advisories

Crawl4AI – Authentication Bypass via Hardcoded JWT Signing Key_CVE-2026-56265

Capgo – Unauthenticated Organization Member Email Disclosure via get_org_members RPC_CVE-2026-56253

Capgo – Privilege Escalation via Broken Row Level Security in org_users_CVE-2026-56251

Capgo – Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC_CVE-2026-56242

Capgo – Privilege Escalation via SECURITY DEFINER Function apply_usage_overage_CVE-2026-56239

Capgo CLI – Arbitrary File Overwrite via Symlink-Following in Local Credential Operations_CVE-2026-56236

Capgo – Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/logs_CVE-2026-56229

picklescan – Remote Code Execution via Undetected cProfile.runctx in Pickle Files_CVE-2025-71378

picklescan – Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand_CVE-2025-71357

Protect Your Attack Surface with RedGem

Security Intelligence
Feed