Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

219 New today
64,835 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
197
Jun 23
Critical
High
Medium
Low
Latest
CVE CVSS 6.8

Openshift/cluster-logging-operator: cluster logging operator creates and forwards serviceaccount tokens without verifying clf creator authorization_CVE-2026-10609

A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those credentials, allowing a delegated...

CVE-2026-10609 Red Hat Logging Subsystem for Red Hat OpenShift
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.4 CVE-2026-56815

CVE-2026-56815_CVE-2026-56815

pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor.

rasta-mouse pwnlift CVE
CRITICAL 9.2 CVE-2026-35019

NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass_CVE-2026-35019

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers t...

NetComm Wireless Pty Ltd NF20MESH CVE
HIGH 8.7 CVE-2026-35018

NetComm NF20MESH < R6B032 Authenticated RCE via OS Command Injection_CVE-2026-35018

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated...

NetComm Wireless Pty Ltd NF20MESH R6B031 and earlier CVE
CRITICAL 9.4 CVE-2026-28496

FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE_CVE-2026-28496

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection (SSTI) vulne...

FOSSBilling FOSSBilling < 0.8.0 CVE
CRITICAL 10 CVE-2026-27604

FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions_CVE-2026-27604

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization byp...

FOSSBilling FOSSBilling >= 0.5.4, < 0.8.0 CVE
NONE THN:70DA639E50D...

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents_THN:70DA639E50D29B870448D12D6323F7DF

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb14v3ddlfpybc15jRbk-cwHI-0S8BAzdp8Ix83L5ZCZ4AB8gCySG7J4tZr4od9q3Jbuic1a4J29VAvRcdSQ...

N/A N/A THN
NONE THN:5382CB6B456...

Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration_THN:5382CB6B456E3DF10A48275317E6FC76

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoC7KFWoDGkSi-UzAyKNUkw-Ogs4oy2tCOAYXiYAAkqEUC1WMotLAE1GUwoWApfXK3prWVctTP05aLGjru0h...

N/A N/A THN
MEDIUM 5.3 CVE-2026-56696

OpenHarness – Prompt Injection via /issue and /pr_comments Slash Commands_CVE-2026-56696

OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-contro...

HKUDS OpenHarness CVE
HIGH 7.1 CVE-2026-56695

OpenHarness – Cross-Session Disclosure via /resume and /summary Commands_CVE-2026-56695

OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and lo...

HKUDS OpenHarness CVE