Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

190 New today

65,350 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in GitLab_CVE-2026-10086

GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code ...

CVE-2026-10086 GitLab GitLab 16.4

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.8	CVE-2026-0934	Incorrect Authorization in GitLab_CVE-2026-0934 GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under ...	GitLab	GitLab 17.9	Jun 25, 2026	CVE
NONE	80E15B48-9525-	cerberus-redteam_80E15B48-9525-5CE1-8DB6-0FC4C91F9811 Agent Autonome de Red Teaming Guidé par LLM et MITRE ATT&CK Projet Fil Rouge — Périmètre 2 : Red Teaming & LLM Télécom Paris — MSCYBER2 BE4 --- Dém...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	462F4346-7AE4-	Secure-Authentication-Demo_462F4346-7AE4-5690-8B80-B98FAD7207FA No description provided...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
CRITICAL 9.8	05A924D8-6752-	APACHE-2.4.49-2.4.50-exploit_05A924D8-6752-5085-A17B-85A9635984FD CVE-2021-42013-PoC A lightweight, interactive Bash utility designed to audit and verify vulnerability to CVE-2021-42013 Apache HTTP Server 2.4.49 /...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
LOW 3.3	CVE-2026-8662	Path Traversal in Rapid7 InsightConnect Compression Plugin_CVE-2026-8662 Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to ...	Rapid7	InsightConnect Compression Plugin	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-8658	OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin_CVE-2026-8658 OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands...	Rapid7	InsightConnect Tcpdump Plugin	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-2508	Gravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id'_CVE-2026-2508 The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staff_id’ parameter in all versions up to, and in...	GravityMore	Gravity Bookings	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-12079	Dokan Pro <= 5.0.4 - Authenticated (Subscriber+) SQL Injection via 'orderby' Parameter_CVE-2026-12079 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0....	wedevs	Dokan Pro	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-12077	Dokan Pro <= 5.0.4 - Unauthenticated SQL Injection via 'latitude' and 'longitude' Parameters_CVE-2026-12077 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up t...	wedevs	Dokan Pro	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in GitLab_CVE-2026-10086

Recent Advisories

Incorrect Authorization in GitLab_CVE-2026-0934

cerberus-redteam_80E15B48-9525-5CE1-8DB6-0FC4C91F9811

Secure-Authentication-Demo_462F4346-7AE4-5690-8B80-B98FAD7207FA

APACHE-2.4.49-2.4.50-exploit_05A924D8-6752-5085-A17B-85A9635984FD

Path Traversal in Rapid7 InsightConnect Compression Plugin_CVE-2026-8662

OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin_CVE-2026-8658

Gravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id'_CVE-2026-2508

Dokan Pro <= 5.0.4 - Authenticated (Subscriber+) SQL Injection via 'orderby' Parameter_CVE-2026-12079

Dokan Pro <= 5.0.4 - Unauthenticated SQL Injection via 'latitude' and 'longitude' Parameters_CVE-2026-12077

Protect Your Attack Surface with RedGem

Security Intelligence
Feed