Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

224 New today
65,462 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
175
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.5 CVE-2026-52797

Gogs: Overwriting critical files results in a denial of service_CVE-2026-52797

Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder can dictate the value which is passed to the gi...

gogs gogs < 0.14.0 CVE
MEDIUM 6.7 CVE-2026-49278

Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation_CVE-2026-49278

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
LOW 2.3 CVE-2026-49277

Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation_CVE-2026-49277

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
MEDIUM 4.4 CVE-2026-47733

Rocket.Chat: Missing URL protocol sanitization in ImageElement allows javascript: URLs in markdown images_CVE-2026-47733

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, the ImageElement component in packages/gazzodown...

RocketChat Rocket.Chat < 8.5.0 CVE
CRITICAL 9.3 CVE-2026-46423

Rocket.Chat: SAML signature validation skipped when IdP certificate field is empty_CVE-2026-46423

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
LOW 2.3 CVE-2026-45757

Rocket.Chat: users.deactivateIdle` deactivates accounts without revoking existing login tokens_CVE-2026-45757

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
CRITICAL 9.1 CVE-2026-45689

Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO_CVE-2026-45689

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
CRITICAL 9.1 CVE-2026-45688

Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack_CVE-2026-45688

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE
HIGH 8.5 CVE-2026-45687

Rocket.Chat: Authenticated Arbitrary Data Export Theft via Mass Assignment in sendFileMessage_CVE-2026-45687

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7...

RocketChat Rocket.Chat >= 8.5.0-rc.0, < 8.5.0 CVE