Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

294 New today

64,985 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 7.8

Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass_CVE-2026-48491

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a ...

CVE-2026-48491 traefik traefik >= 3.7.0, < 3.7.3

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-48020	Traefik StripPrefix Route-Level Auth Bypass via Path Normalization_CVE-2026-48020 Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripP...	traefik	traefik >= 3.7.0-ea.1, < 3.7.3	Jun 23, 2026	CVE
MEDIUM 6.9	CVE-2026-45792	RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM_CVE-2026-45792 rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-l...	rtk-ai	rtk < 0.32.0	Jun 23, 2026	CVE
MEDIUM 6.2	CVE-2026-9073	Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073 A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authenticatio...	Red Hat	Red Hat Satellite 6	Jun 23, 2026	CVE
MEDIUM 6.9	CVE-2026-53931	NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53930	NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the base-migration endpoint accepted a caller-supplied URL that the ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53929	NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, with NC_SECURE_ATTACHMENTS=true, an authenticated uploader could del...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53928	NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53927	NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequestMake) accepted URLs whos...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53926	NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, revokeAllOAuthTokensByUser in the users service is an empty stub bei...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass_CVE-2026-48491

Recent Advisories

Traefik StripPrefix Route-Level Auth Bypass via Path Normalization_CVE-2026-48020

RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM_CVE-2026-45792

Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931

NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930

NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929

NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927

NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926

Protect Your Attack Surface with RedGem

Security Intelligence
Feed