Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

54 New today

64,223 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

Cap-go – Broken Cursor Pagination in /private/devices Endpoint_CVE-2026-56307

Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.read_devices access c...

CVE-2026-56307 Cap-go capgo

Jun 20, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-56304	picklescan – Arbitrary File Creation via logging.FileHandler Deserialization_CVE-2026-56304 picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte fi...	picklescan	picklescan	Jun 20, 2026	CVE
MEDIUM 5.3	CVE-2026-56295	Capgo – Policy Enforcement Bypass in Webhook Management Endpoints via Non-Expiring API Keys_CVE-2026-56295 Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass th...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 4.3	CVE-2026-56294	capacitor-native-biometric – Authentication Bypass via Unvalidated CryptoObject in onAuthenticationSucceeded_CVE-2026-56294 capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded() method fails to va...	capacitor-native-biometric	capacitor-native-biometric	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56282	Capgo – Information Disclosure via Unauthenticated /replication Endpoint_CVE-2026-56282 Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQ...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 6	CVE-2026-56276	Flowise – Mass Assignment in PUT /api/v1/user Allows Password Hash Override_CVE-2026-56276 Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify t...	Flowise	Flowise	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56267	Flowise – PII Disclosure via Unauthenticated Forgot Password Endpoint_CVE-2026-56267 Flowise before 3.0.13 contains an information exposure vulnerability in the POST /api/v1/account/forgot-password endpoint that returns full user ob...	Flowise	Flowise	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56235	Capgo – Unauthenticated Cross-Tenant Metrics Disclosure via RPC Functions_CVE-2026-56235 Cap-go capgo before 12.128.2 contains an authorization bypass in several Supabase PostgREST RPC functions (get_app_metrics, get_global_metrics, get...	Cap-go	capgo	Jun 20, 2026	CVE
MEDIUM 6.9	CVE-2026-56228	Capgo – Denial of Service via Improper Password Policy Length Validation_CVE-2026-56228 Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated ...	Capgo	Capgo	Jun 20, 2026	CVE
MEDIUM 5.3	CVE-2026-56227	Capgo – Server-Side Request Forgery via Webhook URL Validation_CVE-2026-56227 Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. O...	Capgo	Capgo	Jun 20, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Cap-go – Broken Cursor Pagination in /private/devices Endpoint_CVE-2026-56307

Recent Advisories

picklescan – Arbitrary File Creation via logging.FileHandler Deserialization_CVE-2026-56304

Capgo – Policy Enforcement Bypass in Webhook Management Endpoints via Non-Expiring API Keys_CVE-2026-56295

capacitor-native-biometric – Authentication Bypass via Unvalidated CryptoObject in onAuthenticationSucceeded_CVE-2026-56294

Capgo – Information Disclosure via Unauthenticated /replication Endpoint_CVE-2026-56282

Flowise – Mass Assignment in PUT /api/v1/user Allows Password Hash Override_CVE-2026-56276

Flowise – PII Disclosure via Unauthenticated Forgot Password Endpoint_CVE-2026-56267

Capgo – Unauthenticated Cross-Tenant Metrics Disclosure via RPC Functions_CVE-2026-56235

Capgo – Denial of Service via Improper Password Policy Length Validation_CVE-2026-56228

Capgo – Server-Side Request Forgery via Webhook URL Validation_CVE-2026-56227

Protect Your Attack Surface with RedGem

Security Intelligence
Feed