Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

292 New today
64,923 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
285
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-53923

vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow_CVE-2026-53923

vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vL...

vllm-project vllm >= 0.5.5, < 0.23.1rc0 CVE
CRITICAL 9.1 CVE-2026-48746

vLLM: OpenAI auth bypass_CVE-2026-48746

vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlett...

vllm-project vllm >= 0.3.0, < 0.22.0 CVE
MEDIUM 6.5 CVE-2026-47155

vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors_CVE-2026-47155

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently app...

vllm-project vllm < 0.22.0 CVE
HIGH 7.5 CVE-2026-41523

vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution_CVE-2026-41523

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation func...

vllm-project vllm < 0.22.0 CVE
NONE 959BDE59-627E-

bypass-code-defender_959BDE59-627E-5EBC-B239-D7E23BC18A90

ansi β”Œβ”€β”€rootπŸ’€bypass- └─ cat /etc/bypass-code/about ─────────────────────────────────── yaml system: name: "BYPASSCODE" role: "server / vps guardia...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 MS:CVE-2026-12439

Chromium: CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
MEDIUM 4.2 MS:CVE-2026-12456

Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions_MS:CVE-2026-12456

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
MEDIUM 6.5 MS:CVE-2026-12461

Chromium: CVE-2026-12461 Out of bounds read in WebRTC_MS:CVE-2026-12461

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 7.5 CVE-2026-55603

http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`_CVE-2026-55603

http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 until 3.0.7 and 4.1.1, fixRequestBody() is the library's documented helper for r...

chimurai http-proxy-middleware >= 3.0.4, < 3.0.7 CVE