Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

289 New today

65,553 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

266

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 8.8

Unauthenticated self-registration in MailerUp allows access to stored email data_CVE-2026-13164

Missing Authentication for Critical Function (CWE-306) in the RegisterView (apps/accounts/views.py), exposed at POST /api/auth/register/, in MailerUp <1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended...

CVE-2026-13164 Mailerup Mailerup

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.7	CVE-2026-54699	Warp: OS command injection when opening terminal links from WSL_CVE-2026-54699 Warp is an agentic development environment. From 0.2024.03.12.08.02.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains an OS command injec...	warpdotdev	warp >= 0.2024.03.12.08.02.stable_01, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-54686	Warp: DCS lifecycle hook spoofing can alter terminal session metadata_CVE-2026-54686 Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutat...	warpdotdev	warp >= 0.2021.04.25.23.05.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-49851	Mistune: Potential DoS via quadratic-time parsing in parse_link_text_CVE-2026-49851 Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear (a...	lepture	mistune < 3.3.0	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-48789	AnythingLLM: Windows path containment bypass in document folder route_CVE-2026-48789 AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Win...	Mintplex-Labs	anything-llm < 1.13.0	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-48732	Warp: Remote SSH cwd can lead to unauthorized remote command execution_CVE-2026-48732 Warp is an agentic development environment. From 0.2023.03.21.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2023.03.21.08.02.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-48731	Warp: Linux external editor command injection_CVE-2026-48731 Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2024.02.20.08.01.stable_01, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.1	CVE-2026-48725	Warp may allow terminal output to access the local clipboard through OSC 52_CVE-2026-48725 Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to re...	warpdotdev	warp >= 0.2021.04.25.23.05.stable_00, < v0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.6	CVE-2026-48721	Warp: Env-var prefixes can lead to denylisted command autoexecution_CVE-2026-48721 Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...	warpdotdev	warp >= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-48720	Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720 Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337...	warpdotdev	warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Unauthenticated self-registration in MailerUp allows access to stored email data_CVE-2026-13164

Recent Advisories

Warp: OS command injection when opening terminal links from WSL_CVE-2026-54699

Warp: DCS lifecycle hook spoofing can alter terminal session metadata_CVE-2026-54686

Mistune: Potential DoS via quadratic-time parsing in parse_link_text_CVE-2026-49851

AnythingLLM: Windows path containment bypass in document folder route_CVE-2026-48789

Warp: Remote SSH cwd can lead to unauthorized remote command execution_CVE-2026-48732

Warp: Linux external editor command injection_CVE-2026-48731

Warp may allow terminal output to access the local clipboard through OSC 52_CVE-2026-48725

Warp: Env-var prefixes can lead to denylisted command autoexecution_CVE-2026-48721

Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720

Protect Your Attack Surface with RedGem

Security Intelligence
Feed