Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

289 New today
64,604 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
283
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.7 CVE-2026-56323

Capgo – Unauthenticated Channel Enumeration and App Oracle via GET /channel_self_CVE-2026-56323

Capgo before 12.128.2 contains an information disclosure vulnerability in the /functions/v1/channel_self endpoint that allows unauthenticated attac...

Capgo Capgo CVE
MEDIUM 6.9 CVE-2026-56321

Capgo – Missing Authentication Middleware on GET /private/role_bindings Endpoint_CVE-2026-56321

Capgo (backend Supabase edge functions) before 12.128.2 does not apply the global authentication middleware to the GET /private/role_bindings/:org_...

Capgo Capgo CVE
HIGH 7.1 CVE-2026-56314

Capgo – Deleted Bundle Selection via Missing Deletion Filter in /updates Endpoint_CVE-2026-56314

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain se...

Capgo Capgo CVE
MEDIUM 6.9 CVE-2026-56311

Capgo – Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPC_CVE-2026-56311

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.get_current_plan_max_org RPC function that allows unauthenticate...

Capgo Capgo CVE
MEDIUM 5.3 CVE-2026-56306

Capgo – Subkey Enforcement Bypass via x-limited-key-id Header Parsing_CVE-2026-56306

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by su...

Capgo Capgo CVE
HIGH 7.1 CVE-2026-56280

Cap-go – Privilege Inversion in Build Log Stream via SSE Disconnect_CVE-2026-56280

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel runni...

Cap-go capgo CVE
MEDIUM 5.3 CVE-2026-56268

Flowise – Cross-Workspace Information Disclosure via chatflows/apikey Endpoint_CVE-2026-56268

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query para...

Flowise Flowise CVE
CRITICAL 9.2 CVE-2026-56266

Crawl4AI – Server-Side Request Forgery via Direct Crawl Endpoints_CVE-2026-56266

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitra...

unclecode Crawl4AI 0.8.7 CVE
MEDIUM 5.3 CVE-2026-56255

Capgo – Denial of Service via Unlimited Demo App Creation_CVE-2026-56255

Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write perm...

Capgo Capgo CVE