Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

180 New today
64,699 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
61
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.7 CVE-2026-50169

Angular Service Worker Policy-Bypass & Credential-Stripping Vulnerabilities_CVE-2026-50169

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
HIGH 8.8 CVE-2026-50168

Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass_CVE-2026-50168

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
LOW 3.2 CVE-2026-49356

Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core_CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a so...

babel babel >= 8.0.0-alpha.0, < 8.0.0-rc.5 CVE
HIGH 7.5 CVE-2026-48712

protobufjs: Denial of service through unbounded Any expansion during JSON conversion_CVE-2026-48712

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit w...

protobufjs protobuf.js < 7.6.1 CVE
HIGH 8.8 CVE-2026-46417

Angular: SSRF via Hostname Hijacking in @angular/platform-server_CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-next.12 CVE
HIGH 7.5 CVE-2026-42127

Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler_CVE-2026-42127

The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive mem...

Grafana Grafana Enterprise CVE
HIGH 8.3 CVE-2026-12249

Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment_CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services (AD CS) certificate auto...

N/A N/A 0.13.0 CVE
MEDIUM 4.8 CVE-2026-11994

Akaunting 3.1.21 – Authenticated stored XSS in report description rendering_CVE-2026-11994

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to c...

Akaunting Akaunting 3.1.21 CVE
CRITICAL 9.6 CVE-2026-10789

MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop_CVE-2026-10789

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerabili...

Autodesk Fusion 2703.1.11 CVE