Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

204 New today
66,829 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
125
Jun 30
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-57328

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57328

Subscriber Cross Site Scripting (XSS) in Business Directory

Strategy11 Team Business Directory n/a CVE
MEDIUM 6.3 CVE-2026-57327

WordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerability_CVE-2026-57327

Subscriber Broken Access Control in MainWP

mainwp MainWP n/a CVE
MEDIUM 6.5 CVE-2026-57326

WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57326

Unauthenticated Cross Site Scripting (XSS) in Business Directory

Strategy11 Team Business Directory n/a CVE
HIGH 7.1 CVE-2026-57320

WordPress BEAR plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57320

Unauthenticated Cross Site Scripting (XSS) in BEAR

RealMag777 BEAR n/a CVE
CRITICAL 10 CVE-2026-56290

Joomla Extension – joomlack.fr – Unauthenticated file upload in Page Builder CK extension < 3.6.0_CVE-2026-56290

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to ...

joomlack.fr JoomlaCK.fr Page Builder CK extension for Joomla 1.0-3.6.0 CVE
HIGH 8.7 CVE-2026-56124

phpUploader < 2.0.2 Unauthenticated Database Exposure via index model_CVE-2026-56124

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents ...

shimosyan phpUploader CVE
HIGH 7.5 CVE-2026-55844

Home Assistant: iOS Companion App ignores internal SSID allowlist for connections – possible leak of access token and sensor data_CVE-2026-55844

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores ...

home-assistant core < 2025.5.0 CVE
HIGH 7.7 CVE-2026-55607

Claude Code: Sandbox Escape via Git Worktree Path Confusion Allows Unsandboxed Code Execution_CVE-2026-55607

Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Claude Code's worktree handling allowed creation of worktrees named ".git" and n...

anthropics claude-code >= 2.1.38, < 2.1.163 CVE
MEDIUM 4.4 CVE-2026-46406

Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write_CVE-2026-46406

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (...

anthropics claude-code >= 2.1.59, < 2.1.128 CVE