Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

128 New today

64,732 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

NetComm NF20MESH < R6B032 Authenticated RCE via OS Command Injection_CVE-2026-35018

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by injecting shell metacharacters into the username JSON parameter processed by t...

CVE-2026-35018 NetComm Wireless Pty Ltd NF20MESH R6B031 and earlier

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.4	CVE-2026-28496	FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE_CVE-2026-28496 FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection (SSTI) vulne...	FOSSBilling	FOSSBilling < 0.8.0	Jun 23, 2026	CVE
CRITICAL 10	CVE-2026-27604	FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions_CVE-2026-27604 FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization byp...	FOSSBilling	FOSSBilling >= 0.5.4, < 0.8.0	Jun 23, 2026	CVE
NONE	THN:70DA639E50D...	Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents_THN:70DA639E50D29B870448D12D6323F7DF ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb14v3ddlfpybc15jRbk-cwHI-0S8BAzdp8Ix83L5ZCZ4AB8gCySG7J4tZr4od9q3Jbuic1a4J29VAvRcdSQ...	N/A	N/A	Jun 23, 2026	THN
NONE	THN:5382CB6B456...	Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration_THN:5382CB6B456E3DF10A48275317E6FC76 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoC7KFWoDGkSi-UzAyKNUkw-Ogs4oy2tCOAYXiYAAkqEUC1WMotLAE1GUwoWApfXK3prWVctTP05aLGjru0h...	N/A	N/A	Jun 23, 2026	THN
MEDIUM 5.3	CVE-2026-56696	OpenHarness – Prompt Injection via /issue and /pr_comments Slash Commands_CVE-2026-56696 OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-contro...	HKUDS	OpenHarness	Jun 23, 2026	CVE
HIGH 7.1	CVE-2026-56695	OpenHarness – Cross-Session Disclosure via /resume and /summary Commands_CVE-2026-56695 OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and lo...	HKUDS	OpenHarness	Jun 23, 2026	CVE
MEDIUM 5.3	CVE-2026-56694	NanoClaw < 2.1.0 - Privilege Escalation via Forged Channel Approval Callback_CVE-2026-56694 NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse f...	nanocoai	nanoclaw	Jun 23, 2026	CVE
MEDIUM 6.8	CVE-2026-56693	NanoClaw < 2.1.17 - Privilege Escalation via Unauthorized create_agent System Action_CVE-2026-56693 NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-d...	nanocoai	nanoclaw	Jun 23, 2026	CVE
MEDIUM 6.8	CVE-2026-56692	NanoClaw < 2.1.17 - Arbitrary File Read via Symlink Following in forwardAttachedFiles_CVE-2026-56692 NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate hos...	nanocoai	nanoclaw	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

NetComm NF20MESH < R6B032 Authenticated RCE via OS Command Injection_CVE-2026-35018

Recent Advisories

FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE_CVE-2026-28496

FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions_CVE-2026-27604

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents_THN:70DA639E50D29B870448D12D6323F7DF

Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration_THN:5382CB6B456E3DF10A48275317E6FC76

OpenHarness – Prompt Injection via /issue and /pr_comments Slash Commands_CVE-2026-56696

OpenHarness – Cross-Session Disclosure via /resume and /summary Commands_CVE-2026-56695

NanoClaw < 2.1.0 - Privilege Escalation via Forged Channel Approval Callback_CVE-2026-56694

NanoClaw < 2.1.17 - Privilege Escalation via Unauthorized create_agent System Action_CVE-2026-56693

NanoClaw < 2.1.17 - Arbitrary File Read via Symlink Following in forwardAttachedFiles_CVE-2026-56692

Protect Your Attack Surface with RedGem

Security Intelligence
Feed