Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

298 New today

64,624 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

303

Jun 22

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

Filament: Inconsistent scope enforcement for AttachAction and AssociateAction Select fields_CVE-2026-48067

Filament is a collection of full-stack components for accelerated Laravel development. From filament/actions 4.0.0 until 4.11.4 and 5.6.4 and from filament/tables 3.0.0 until 3.3.51, the recordSelectOptionsQuery() method may be used to scope the options available in the Select...

CVE-2026-48067 filamentphp filament >= 4.0.0, < 4.11.4

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-44889	WebOb: Location header normalization during redirect leads to open redirect_CVE-2026-44889 WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnera...	Pylons	webob < 1.8.10	Jun 22, 2026	CVE
MEDIUM 5.4	CVE-2026-44311	Fabric.js: Improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization_CVE-2026-44311 Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting (XSS) vulnerability exists in Fabric.js due to imp...	fabricjs	fabric.js < 7.4.0	Jun 22, 2026	CVE
HIGH 7.6	CVE-2025-71358	picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity_CVE-2025-71358 picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce method...	picklescan	picklescan	Jun 22, 2026	CVE
HIGH 7.6	CVE-2025-71344	picklescan – Arbitrary Code Execution via Undetected ensurepip._run_pip Function_CVE-2025-71344 picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files...	picklescan	picklescan	Jun 22, 2026	CVE
HIGH 7.6	CVE-2025-71339	Picklescan – Arbitrary Code Execution via numpy.f2py.crackfortran._eval_length Gadget_CVE-2025-71339 Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code exec...	Picklescan	Picklescan	Jun 22, 2026	CVE
CRITICAL 9.3	4DC88245-D5D6-	Exploit for CVE-2026-49772_4DC88245-D5D6-582C-AA2B-EE9293E136F3 The Events Calendar SQL Injection CVE-2026-49772 PoC Description CVE-2026-49772 is an unauthenticated blind SQL injection in the WordPress plugin T...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
CRITICAL 9.3	PACKETSTORM:224001	📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials_PACKETSTORM:224001 Silver Leaf Technologies - Worksnaps.net Worksnaps suffers from a hardcoded credential vulnerability. Several application binaries contained hardco...	N/A	N/A	Jun 22, 2026	PACKETSTORM
CRITICAL 9.8	PACKETSTORM:223999	📄 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Missing Secure-Boot / Static Passwords_PACKETSTORM:223999 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 leaks the firmware signing private key, is missing a secure-boot mechanism, has unencrypted flash memory...	N/A	N/A	Jun 22, 2026	PACKETSTORM
HIGH 8.8	MS:CVE-2026-12443	Chromium: CVE-2026-12443 Use after free in Web Authentication_MS:CVE-2026-12443 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Filament: Inconsistent scope enforcement for AttachAction and AssociateAction Select fields_CVE-2026-48067

Recent Advisories

WebOb: Location header normalization during redirect leads to open redirect_CVE-2026-44889

Fabric.js: Improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization_CVE-2026-44311

picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity_CVE-2025-71358

picklescan – Arbitrary Code Execution via Undetected ensurepip._run_pip Function_CVE-2025-71344

Picklescan – Arbitrary Code Execution via numpy.f2py.crackfortran._eval_length Gadget_CVE-2025-71339

Exploit for CVE-2026-49772_4DC88245-D5D6-582C-AA2B-EE9293E136F3

📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials_PACKETSTORM:224001

📄 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Missing Secure-Boot / Static Passwords_PACKETSTORM:223999

Chromium: CVE-2026-12443 Use after free in Web Authentication_MS:CVE-2026-12443

Protect Your Attack Surface with RedGem

Security Intelligence
Feed