Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

292 New today
64,923 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
285
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE C9AAD52B-CC2A-

pharaohound_C9AAD52B-CC2A-5C4D-BBAD-E9DCAB26CB8B

☥ Pharaohound ☥ The Fast-Triage, Command-Generating Active Directory Analysis Engine Pharaohound is a streaming, concurrent, and highly modular Act...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.4 CVE-2026-8378

Frontend File Manager Plugin <= 23.6 - Subscriber+ Stored Cross-Site Scripting via File Rename_CVE-2026-8378

The Frontend File Manager Plugin WordPress plugin through 23.6 does not sanitise nor escape a filename submitted to the frontend file-rename endpoi...

Unknown Frontend File Manager Plugin CVE
HIGH 7.1 CVE-2026-8172

Simple Basic Contact Form <= 20250114 - Reflected XSS_CVE-2026-8172

The Simple Basic Contact Form WordPress plugin through 20250114 does not escape user-supplied input before reflecting it into the contact form outp...

Unknown Simple Basic Contact Form CVE
HIGH 8.8 CVE-2026-8163

Infility Global < 2.15.19 - Subscriber+ SQL Injection via order Parameter_CVE-2026-8163

The Infility Global WordPress plugin before 2.15.19 does not properly sanitize and escape some parameters before using them in SQL statements, lead...

Unknown Infility Global CVE
MEDIUM 6.8 CVE-2026-7842

Infility Global < 2.15.20 - Editor+ SQL Injection via orderby Parameter_CVE-2026-7842

The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in...

Unknown Infility Global CVE
HIGH 7.2 CVE-2026-56784

OpenRemote Manager – Cross-Tenant IDOR in Bulk Alarm Deletion_CVE-2026-56784

OpenRemote Manager before 1.24.2 contains an insecure direct object reference vulnerability in the removeAlarms() method that allows authenticated ...

openremote openremote CVE
MEDIUM 6.9 CVE-2026-56762

Hono – Missing Cookie Name Validation in setCookie()_CVE-2026-56762

Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing inv...

Hono Hono CVE
HIGH 7.1 CVE-2026-56701

Grav – XML External Entity Injection via SVG Upload_CVE-2026-56701

Grav before 2.0.0-beta.2 contains an XML external entity injection vulnerability in SVG file upload processing that allows authenticated attackers ...

Grav Grav CVE
MEDIUM 6.3 CVE-2026-56376

ImageMagick – Heap Use-After-Free in Meta Coder_CVE-2026-56376

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written ...

ImageMagick ImageMagick CVE