Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

243 New today

65,336 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 7.8

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MosaicML Composer. User interaction is required to exploit this vulnerability in that the ...

CVE-2026-10043 MosaicML Composer 0.32.1

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	75711BFE-8B18-	Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2 CVE-2026-56111 - Marlin M421 Out-of-bounds Write Proof of concept for CVE-2026-56111, an out-of-bounds write in the M421 G-code handler of Marlin F...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	MSF:AUXILIARY-SCANNER-	BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI- This module detects BerriAI LiteLLM proxy servers affected by CVE-2026-42208, an unauthenticated SQL injection. During API-key verification the pro...	N/A	N/A	Jun 24, 2026	METASPLOIT
CRITICAL 9.1	MSF:AUXILIARY-SCANNER-	Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS- This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its ...	N/A	N/A	Jun 24, 2026	METASPLOIT
HIGH 8.8	MALWAREBYTES:EC...	PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066 A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have dis...	N/A	N/A	Jun 24, 2026	MALWAREBYTES
NONE	MSSECURE:3B070B...	CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767 Cloud security is shifting from visibility to context-aware risk reduction, helping security teams understand which exposures matter most, prioriti...	N/A	N/A	Jun 24, 2026	MSSECURE
HIGH 7.5	CVE-2026-53950	@tryghost/activitypub: XSS in Ghost’s ActivityPub client_CVE-2026-53950 @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injecti...	TryGhost	Ghost < 3.1.0	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-53949	Ghost Content API filter bypass reveals private fields_CVE-2026-53949 Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be part...	TryGhost	Ghost >= 5.46.1, < 6.21.2	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-53948	Ghost: File Upload Content-Type Spoofing_CVE-2026-53948 Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admi...	TryGhost	Ghost >= 6.19.4, < 6.21.1	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-53947	Ghost: Member existence leak via magic link sign-in response_CVE-2026-53947 Ghost is a Node.js content management system. From 5.18.0 until 6.21.1, a discrepancy in responses from the members signin endpoints made it possib...	TryGhost	Ghost >= 5.18.0, < 6.21.1	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043

Recent Advisories

Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2

BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI-

Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS-

PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066

CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767

@tryghost/activitypub: XSS in Ghost’s ActivityPub client_CVE-2026-53950

Ghost Content API filter bypass reveals private fields_CVE-2026-53949

Ghost: File Upload Content-Type Spoofing_CVE-2026-53948

Ghost: Member existence leak via magic link sign-in response_CVE-2026-53947

Protect Your Attack Surface with RedGem

Security Intelligence
Feed