Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

412 New today
67,189 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
427
Jun 30
58
Jul 1
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-57585

MessagePack: Out-of-bounds read/crash on Unpacker reuse after caught error_CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a...

msgpack msgpack-python < 1.2.1 CVE
MEDIUM 6.9 CVE-2026-57204

pypdf: Missing stream length values ignore defined limits_CVE-2026-57204

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulner...

py-pdf pypdf < 6.13.3 CVE
MEDIUM 6.3 CVE-2026-10585

Stored cross-site scripting vulnerability in GitHub Enterprise Server allowed arbitrary JavaScript execution via crafted Discussion titles in the Q&A category_CVE-2026-10585

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary ...

GitHub Enterprise Server 3.17.0 CVE
HIGH 8.7 CVE-2026-57995

phpMyFAQ – Privilege Escalation via Missing Self-Rights Constraint in GroupController::updatePermissions_CVE-2026-57995

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to ...

phpMyFAQ phpMyFAQ CVE
MEDIUM 5.3 CVE-2026-56777

n8n – AST Validator Bypass in Python Code Node_CVE-2026-56777

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticat...

n8n n8n CVE
CRITICAL 9.3 CVE-2026-56700

Grav – Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command Injection_CVE-2026-56700

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\...

Grav Grav CVE
MEDIUM 5.3 CVE-2026-56399

Open WebUI – Server-Side Request Forgery via Location Redirect in /api/v1/retrieval/process/web_CVE-2026-56399

Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticat...

open-webui open-webui CVE
MEDIUM 4.8 CVE-2026-56377

ImageMagick – Policy Bypass via Incorrect Path Validation_CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. R...

ImageMagick ImageMagick CVE
MEDIUM 6.3 CVE-2026-56369

ImageMagick – Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage_CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attacke...

ImageMagick ImageMagick CVE