Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

291 New today
66,393 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
291
Jun 28
Critical
High
Medium
Low
Latest
CVE CVSS 4.3

Product Specifications for Woocommerce <= 0.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion via 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX Actions_CVE-2026-11364

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the __invoke() methods ...

CVE-2026-11364 dornaweb Product Specifications for Woocommerce
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.8 ECD48805-B674-

Exploit for Use After Free in Linux Linux_Kernel_ECD48805-B674-5D15-9640-7AE6AB574266

CVE-2026-43499 — Linux Kernel Futex PI Use-After-Free Bug removewaiter in kernel/locking/rtmutex.c is used by the slowlock paths but also for proxy...

N/A N/A GITHUBEXPLOIT
CRITICAL 10 449EB399-8D3C-

Exploit for Improper Access Control in Widgetfactorylimited Jce_449EB399-8D3C-5528-B03B-B58DC4645B9D

MASTA CVE-2026-48907 Scanner Joomla! JCE 2.9.99.5 Unauthenticated Remote Code Execution RCE Scanner --- 🚨 LEGAL DISCLAIMER & ETHICAL USE This tool...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2026-12415

Invoice Generator <= 1.0.0 - Unauthenticated Privilege Escalation via Account Takeover via 'user_id' Parameter_CVE-2026-12415

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_accou...

pravel Invoice Generator CVE
NONE ED09B2EE-07B3-

joomla-exploits-main_ED09B2EE-07B3-547B-93CC-D9DAC465C0D2

joomla-exploits 😸 Title: Joomla! 4.2.8 - Unauthenticated information disclosure Exploit author: HACKFUT Date: 2024-01-24 Vendor Homepage: https://...

N/A N/A GITHUBEXPLOIT
HIGH 8.7 7D0D67E6-AAE8-

Exploit for CVE-2026-46331_7D0D67E6-AAE8-52CC-B577-3C66E3ECB231

cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...

N/A N/A GITHUBEXPLOIT
NONE 20339A1B-9C90-

testimonial-widgets-sqli-cve_20339A1B-9C90-5D17-8F25-2CA188B77EB8

CVE-2026-XXXXX Admin SQL Injection in Testimonial Widgets WordPress Plugin via Search Parameter --- Advisory Information | Field | Value | |-------...

N/A N/A GITHUBEXPLOIT
NONE 90D1D177-0CB7-

sakura-theme-sqli-cve_90D1D177-0CB7-518B-832F-B8A088EB0B9F

CVE-2026-XXXXX Unauthenticated SQL Injection in Sakura WordPress Theme via Comment Markdown Parser --- Advisory Information | Field | Value | |----...

N/A N/A GITHUBEXPLOIT
NONE 5E55BB2B-EBD9-

boxmoe-dove-sqli-cve_5E55BB2B-EBD9-5DB8-8B52-3F16A438DA24

CVE-2026-XXXXX Unauthenticated SQL Injection in Boxmoe Dove WordPress Theme via AJAX Comment Handler --- Advisory Information | Field | Value | |--...

N/A N/A GITHUBEXPLOIT
MEDIUM 4.3 CVE-2026-13422

HD Quiz 2.2.0 – 2.2.1 – Cross-Site Request Forgery via Multiple AJAX Handlers_CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce ...

harmonic_design HD Quiz 2.2.0 CVE