Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

204 New today
66,829 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
125
Jun 30
Critical
High
Medium
Low
Latest
CVE CVSS 6.9

SourceCodester Inventory Management System User Registration Endpoint users_handler.php access control_CVE-2026-13568

A weakness has been identified in SourceCodester Inventory Management System 1.0. This vulnerability affects unknown code of the file /api/users_handler.php of the component User Registration Endpoint. This manipulation of the argument role causes improper access controls. Rem...

CVE-2026-13568 SourceCodester Inventory Management System 1.0
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-13567

code-projects Online Music Site POST Request Feedback.php cross site scripting_CVE-2026-13567

A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the ...

code-projects Online Music Site 1.0 CVE
MEDIUM 6.9 CVE-2026-13566

SourceCodester Class and Exam Timetabling System preview3.php sql injection_CVE-2026-13566

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the...

SourceCodester Class and Exam Timetabling System 1.0 CVE
MEDIUM 6.9 CVE-2026-13565

SourceCodester Class and Exam Timetabling System edit_class1.php sql injection_CVE-2026-13565

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown function...

SourceCodester Class and Exam Timetabling System 1.0 CVE
HIGH 8.6 CVE-2026-13165

Remote Code Execution in SzafirHost_CVE-2026-13165

SzafirHost verifies the downloaded native library archive with one JarFile parser (reading the Central Directory) but extracts native libraries wit...

Krajowa Izba Rozliczeniowa SzafirHost CVE
HIGH 8.8 CVE-2026-12856

Vscode-java: vscode: command injection vulnerability in the javadoc hover provider of the vscode-java extension_CVE-2026-12856

A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Ma...

Red Hat Red Hat OpenShift Dev Spaces CVE
MEDIUM 6.9 CVE-2026-12616

CVE-2026-12616_CVE-2026-12616

The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that str...

Eclipse Foundation Eclipse CSI - PIA CVE
LOW 1.8 CVE-2026-11979

Stack-Based Buffer Overflow in libxml2_CVE-2026-11979

libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function pro...

xmlsoft libxml2 CVE
MEDIUM 6.5 CVE-2026-57341

WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57341

Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce

Colissimo Colissimo Officiel : Méthodes de livraison pour WooCommerce n/a CVE
MEDIUM 6.5 CVE-2026-57340

WordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerability_CVE-2026-57340

Unauthenticated Broken Access Control in Japanized For WooCommerce

shohei.tanaka Japanized For WooCommerce n/a CVE