Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

287 New today
64,643 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
5
Jun 23
Critical
High
Medium
Low
Latest
CVE CVSS 5.8

phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access_CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature() reads a URL out of that certificate's Authority Information Access (AIA) extens...

CVE-2026-55599 phpseclib phpseclib >= 0.1.1, < 1.0.30
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-54651

pypdf: Possible infinite loop when processing threads/articles in writer_CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.1 CVE
MEDIUM 6.9 CVE-2026-54531

pypdf: Possible infinite loop when processing outlines/bookmarks in writer_CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.0 CVE
MEDIUM 6.9 CVE-2026-54530

pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction_CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.0 CVE
CRITICAL 9.5 CVE-2026-49468

LiteLLM: Authentication Bypass via Host Header Injection_CVE-2026-49468

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

BerriAI litellm < 1.84.0 CVE
MEDIUM 6.9 CVE-2026-49461

pypdf: Possible large memory usage for form XObjects during text extraction_CVE-2026-49461

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to la...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.1 CVE-2026-49460

pypdf: Inefficient decoding of FlateDecode PNG predictor streams_CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to lo...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.8 CVE-2026-47242

Net::IMAP: Command Injection via ID command argument_CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAP#id is called w...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
LOW 2.1 CVE-2026-47241

Net::IMAP: Denial of Service via incomplete raw argument validation_CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
MEDIUM 5.8 CVE-2026-47240

Net::IMAP: Command Injection via non-synchronizing literal in “raw” argument_CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE