Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

307 New today
65,239 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
307
Jun 24
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-54518

jackson-databind: @JsonView bypass for unwrapped creator parameters in jackson-databind_CVE-2026-54518

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3....

FasterXML jackson-databind >= 2.21.0, < 2.21.4 CVE
HIGH 8.4 CVE-2026-56785

FlatPress – Stored Cross-Site Scripting via Unescaped Comment and Contact Form Fields_CVE-2026-56785

FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and ...

FlatPress FlatPress CVE
CRITICAL 9.6 CVE-2026-54588

Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction._CVE-2026-54588

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` re...

poweradmin poweradmin < 4.2.4 CVE
MEDIUM 5.5 CVE-2026-48493

Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment_CVE-2026-48493

Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their...

grokability snipe-it < 8.6.0 CVE
MEDIUM 6.9 CVE-2026-47693

Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications_CVE-2026-47693

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula I...

poweradmin poweradmin < 4.2.4 CVE
MEDIUM 4.9 CVE-2026-12164

Privilege Escalation in Fortra File Integrity Monitoring (FIM)_CVE-2026-12164

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permission...

Fortra File Integrity Monitoring (FIM) CVE
MEDIUM 5.5 CVE-2026-12163

Stored XSS in Fortra File Integrity Monitoring (FIM)_CVE-2026-12163

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnera...

Fortra Fortra File Integrity Monitoring (FIM) CVE
HIGH 8.2 CVE-2026-11972

tarfile opened in streaming mode mishandles EOF_CVE-2026-11972

When using the "tarfile" module with a file opened in "streaming mode" (mode="r|") the tarfile module did not properly handle EOF, meaning an archi...

Python Software Foundation CPython CVE
HIGH 8.7 F3832E4F-76F3-

Exploit for CVE-2026-11834_F3832E4F-76F3-50B7-92A3-92EB0B582EB1

CVE-2026-11834 PoC TP-Link DHCP Option 66 Unauthenticated RCE CVE-2026-11834 Overview A command injection vulnerability CWE-78 in the DHCP Option 6...

N/A N/A GITHUBEXPLOIT