Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

243 New today

65,708 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring_CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application validates certificates by calling X509_verify_cert() with caller-supplied untruste...

CVE-2026-11310 wolfSSL wolfSSL 5.8.4

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-10592	Wildcard DNS SAN bypasses CA name-constraint checks_CVE-2026-10592 Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be r...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-7531	Use-after-free in PQC hybrid key-share handling_CVE-2026-7531 Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 serv...	wolfSSL	wolfSSL 5.8.0	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-10512	X25519 x86_64 assembly final reduction leaves non-canonical field element_CVE-2026-10512 The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may no...	wolfSSL	wolfSSL 5.6.4	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-10097	ML-KEM-1024 x64 AVX2 implicit rejection failure breaks IND-CCA2 security_CVE-2026-10097 ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2 security, allowing decapsulation to deviate from ...	wolfSSL	wolfSSL 5.7.0	Jun 25, 2026	CVE
MEDIUM 6.3	1455C226-77CD-	Exploit for Improper Authentication in Google Android_1455C226-77CD-5803-A0CE-7D7BC815D6F6 BlueDucky Ver 2.1 Android 🦆 Thanks to all the people at HackNexus. Make sure you come join us on VC ! https://discord.gg/HackNexus NOTES: I will n...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
CRITICAL 10	PACKETSTORM:224334	📄 Dalfox Found-Action Deserialization Remote Code Execution_PACKETSTORM:224334 When dalfox versions less than or equal to 2.12.0 is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and...	N/A	N/A	Jun 25, 2026	PACKETSTORM
NONE	MSSECURE:9CD4AE...	Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:9CD4AE8F9F47AF1696C23F8E30078560 The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...	N/A	N/A	Jun 25, 2026	MSSECURE
NONE	SCHNEIER:241805...	AI and Liability_SCHNEIER:24180570FA25CD366F3C4BC1B6F703A6 Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like "users can check for themselves...	N/A	N/A	Jun 25, 2026	SCHNEIER
NONE	HACKREAD:C879C0...	Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams_HACKREAD:C879C04F7479896AF809D522E0B323F4 GTA 6 scams are luring fans with fake early access, crypto payments and malware downloads. Learn why PC and Android gamers face the biggest risks o...	N/A	N/A	Jun 25, 2026	HACKREAD

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring_CVE-2026-11310

Recent Advisories

Wildcard DNS SAN bypasses CA name-constraint checks_CVE-2026-10592

Use-after-free in PQC hybrid key-share handling_CVE-2026-7531

X25519 x86_64 assembly final reduction leaves non-canonical field element_CVE-2026-10512

ML-KEM-1024 x64 AVX2 implicit rejection failure breaks IND-CCA2 security_CVE-2026-10097

Exploit for Improper Authentication in Google Android_1455C226-77CD-5803-A0CE-7D7BC815D6F6

📄 Dalfox Found-Action Deserialization Remote Code Execution_PACKETSTORM:224334

Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:9CD4AE8F9F47AF1696C23F8E30078560

AI and Liability_SCHNEIER:24180570FA25CD366F3C4BC1B6F703A6

Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams_HACKREAD:C879C04F7479896AF809D522E0B323F4

Protect Your Attack Surface with RedGem

Security Intelligence
Feed