Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

199 New today

64,510 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

189

Jun 22

Critical

High

Medium

Low

Latest

CVE CVSS 5.5

NTLMv2 hash disclosure via UNC path handling on Windows_CVE-2026-53632

launch-editor allows users to open files with line numbers in editor from Node.js. Prior to 2.14.1, the launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote h...

CVE-2026-53632 vitejs launch-editor < 2.14.1

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.2	CVE-2026-53571	Vite: `server.fs.deny` bypass on Windows alternate paths_CVE-2026-53571 Vite is a frontend tooling framework for JavaScript. Prior to 8.0.16, 7.3.5, and 6.4.3, the contents of files that are specified by server.fs.deny ...	vitejs	vite >= 8.0.0, < 8.0.16	Jun 22, 2026	CVE
LOW 3.7	CVE-2026-53540	Python-Multipart: Negative Content-Length in parse_form buffers the entire body in memory_CVE-2026-53540 Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parse_form() did not validate the Content-Length header before using ...	Kludex	python-multipart < 0.0.31	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-53539	Python-Multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service_CVE-2026-53539 Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies, QuerystringPar...	Kludex	python-multipart < 0.0.30	Jun 22, 2026	CVE
LOW 3.7	CVE-2026-53538	Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling_CVE-2026-53538 Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www...	Kludex	python-multipart < 0.0.30	Jun 22, 2026	CVE
LOW 3.7	CVE-2026-53537	Python-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters_CVE-2026-53537 Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) he...	Kludex	python-multipart < 0.0.30	Jun 22, 2026	CVE
HIGH 8.6	CVE-2026-50556	Angular: Missing `

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

NTLMv2 hash disclosure via UNC path handling on Windows_CVE-2026-53632

Recent Advisories

Vite: `server.fs.deny` bypass on Windows alternate paths_CVE-2026-53571

Python-Multipart: Negative Content-Length in parse_form buffers the entire body in memory_CVE-2026-53540

Python-Multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service_CVE-2026-53539

Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling_CVE-2026-53538

Python-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters_CVE-2026-53537

Security Intelligence
Feed