Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

80 New today

64,290 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT CVSS 5.1

Exploit for Infinite Loop in Pypdf_Project Pypdf_C90CEE4A-6BE7-53CA-8B7A-A5DA2843514F

CVE-2026-24688 - pypdf - Circular Reference DoS Vulnerability This repo includes proof of concept code for triggering CVE-2026-24688. Summary Critical Denial of Service vulnerability in pypdf's outline bookmark parsing logic. When processing a PDF with...

C90CEE4A-6BE7-53CA-8B7A-A5DA2843514F

Jun 21, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	100EB90F-41EE-	github-trending-xss-vulnerability-scanner_100EB90F-41EE-5C0A-A5FB-674097998814 XSS Vulnerability Scanner Plugin Comprehensive cross-site scripting XSS vulnerability detection with context-aware analysis and bypass technique te...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
NONE	7CA75EAE-A0F0-	elevate-kit_7CA75EAE-A0F0-5208-961E-2A8AB16A5A95 elevate-kit Local privilege escalation enumeration scripts for Linux and Windows. Both tools assume you already have a foothold a shell / session o...	N/A	N/A	Jun 21, 2026	GITHUBEXPLOIT
CRITICAL 9.4	CVE-2026-56397	SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56397 SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...	SiYuan	SiYuan	Jun 21, 2026	CVE
HIGH 8.7	CVE-2026-56396	phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()_CVE-2026-56396 phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated admini...	phpMyFAQ	phpMyFAQ	Jun 21, 2026	CVE
CRITICAL 9.4	CVE-2026-56395	SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56395 SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject ...	SiYuan	SiYuan	Jun 21, 2026	CVE
HIGH 7.1	CVE-2026-56394	Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394 Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not va...	craftcms	cms 4.0.0-RC1	Jun 21, 2026	CVE
MEDIUM 4.6	CVE-2026-56393	Craft CMS – Multiple Stored Cross-Site Scripting in Settings Names and Field Options_CVE-2026-56393 Craft CMS 4.x (>= 4.0.0-RC1, < 4.17.0-beta.1) and 5.x (>= 5.0.0-RC1, < 5.9.0-beta.1) contain multiple stored cross-site scripting vulnerabilities w...	craftcms	cms 5.0.0-RC1	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-56385	Craft CMS – Authorization Bypass in assets/preview-file Endpoint_CVE-2026-56385 Craft CMS versions >= 5.0.0-RC1, = 4.0.0-RC1,	craftcms	cms 5.0.0-RC1	Jun 21, 2026	CVE
MEDIUM 5.3	CVE-2026-56384	Craft CMS – Missing Authorization in assets/preview-thumb Endpoint_CVE-2026-56384 Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a ta...	craftcms	cms 4.0.0-RC1	Jun 21, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Exploit for Infinite Loop in Pypdf_Project Pypdf_C90CEE4A-6BE7-53CA-8B7A-A5DA2843514F

Recent Advisories

github-trending-xss-vulnerability-scanner_100EB90F-41EE-5C0A-A5FB-674097998814

elevate-kit_7CA75EAE-A0F0-5208-961E-2A8AB16A5A95

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56397

phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()_CVE-2026-56396

SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README_CVE-2026-56395

Craft CMS – Authenticated Path Traversal in assets/icon Extension Parameter_CVE-2026-56394

Craft CMS – Multiple Stored Cross-Site Scripting in Settings Names and Field Options_CVE-2026-56393

Craft CMS – Authorization Bypass in assets/preview-file Endpoint_CVE-2026-56385

Craft CMS – Missing Authorization in assets/preview-thumb Endpoint_CVE-2026-56384

Protect Your Attack Surface with RedGem

Security Intelligence
Feed