Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

341 New today
65,645 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
358
Jun 25
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.4 CVE-2026-40702

EVoke Systems EVoke CSMS Missing Authentication for Critical Function_CVE-2026-40702

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit ...

EVoke EVoke CSMS All versions CVE
HIGH 7.4 CVE-2026-12992

Apicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validation_CVE-2026-12992

A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature....

Red Hat Red Hat build of Apicurio Registry 3 CVE
HIGH 8.5 CVE-2026-12975

Apicurio/apicurio-registry: apicurio-registry: unhardened saxparser in content-type detection leads to blind xxe / ssrf / billion-laughs dos_CVE-2026-12975

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing fea...

Red Hat Red Hat build of Apicurio Registry 3 CVE
HIGH 8.1 CVE-2026-11800

Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion_CVE-2026-11800

A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client c...

Red Hat Red Hat build of Keycloak 26.6 26.6.4-2 CVE
MEDIUM 6 CVE-2026-11703

Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption_CVE-2026-11703

Missing SNI/ALPN binding on stateful (session-ID) resumption, which previously skipped the binding check performed for ticket-based resumption. A c...

wolfSSL wolfSSL 3.15.0 CVE
MEDIUM 6.3 CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status_CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the tar...

wolfSSL wolfSSL 4.6.0 CVE
MEDIUM 5.7 CVE-2026-7532

iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined_CVE-2026-7532

iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allo...

wolfSSL wolfSSL CVE
MEDIUM 5.9 CVE-2026-7511

PKCS7_verify signer confusion allows forged signatures to be accepted_CVE-2026-7511

PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged si...

wolfSSL wolfSSL 3.15.5 CVE
HIGH 8.1 CVE-2026-22879

CVE-2026-22879_CVE-2026-22879

vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability

vtk vtk 9.5.2 CVE