Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

308 New today
65,585 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
298
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57520

Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint_CVE-2026-57520

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission t...

bitwarden server CVE
MEDIUM 6.3 CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)_CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usag...

wolfSSL wolfSSL 5.7.4 CVE
HIGH 8.2 CVE-2026-55960

Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation_CVE-2026-55960

Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so Pa...

wolfSSL wolfSSL 5.6.4 CVE
HIGH 8.3 CVE-2026-55958

Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage_CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG...

wolfSSL wolfSSL 5.4.0 CVE
MEDIUM 4.2 CVE-2026-2299

Improper Access Control in Mattermost Google Drive Plugin File Creation Endpoint_CVE-2026-2299

The Mattermost Google Drive plugin before version 1.1.0 fails to validate channel membership in the file creation endpoint, allowing authenticated ...

Mattermost Mattermost Google Drive Plugin CVE
MEDIUM 6.3 CVE-2026-12340

Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation_CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Id...

wolfSSL wolfSSL 5.6.4 CVE
HIGH 8.7 CVE-2026-11310

X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring_CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-ope...

wolfSSL wolfSSL 5.8.4 CVE
MEDIUM 6.3 CVE-2026-10592

Wildcard DNS SAN bypasses CA name-constraint checks_CVE-2026-10592

Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be r...

wolfSSL wolfSSL 3.9.10 CVE
LOW 2.3 CVE-2026-7531

Use-after-free in PQC hybrid key-share handling_CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 serv...

wolfSSL wolfSSL 5.8.0 CVE