Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

307 New today

65,239 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

307

Jun 24

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT CVSS 7.8

Exploit for Use After Free in Microsoft_C3D90422-8858-5EAC-A8E5-588AF315EA86

CVE-2026-42978 PoC & Research Windows Push Notifications Use-After-Free Race condition in Windows Push Notifications service WpnService that runs as NT AUTHORITY\SYSTEM. An attacker with local access can trigger a use-after-free during platform...

C3D90422-8858-5EAC-A8E5-588AF315EA86

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.2	MSF:AUXILIARY-SCANNER-	Audiobookshelf Unauthenticated API Authentication Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-AUDIOBOOKSHELF_AUTH_BYPASS- This module detects Audiobookshelf servers affected by CVE-2025-25205, an unauthenticated authentication bypass. Affected versions 2.17.0 through 2...	N/A	N/A	Jun 23, 2026	METASPLOIT
NONE	D00ABD7F-A3B6-	web-exploitation-lab_D00ABD7F-A3B6-5F61-A944-65E5960AB87E 🌐 Web Exploitation Lab Payloads, techniques et cheatsheet web — SQLi, XSS, LFI, SSRF — by @ibramoha2 --- 💉 SQL Injection sql -- Test basique ' OR...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
NONE	HACKREAD:40BF5A...	LastPass Confirms Customer Data Breach After Klue OAuth Token Theft_HACKREAD:40BF5AE34923B51723CA316715EF181B LastPass has confirmed it was affected by the Klue supply chain incident, saying an unauthorised actor used stolen…	N/A	N/A	Jun 23, 2026	HACKREAD
CRITICAL 9.8	IMPERVABLOG:CC2...	CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised_IMPERVABLOG:CC22F53AF67610E01435FC711BB2B03F ## Introduction On May 24, 2026, Imperva observed exploitation attempts against Laravel Livewire applications, blocked by the Imperva Cloud WA...	N/A	N/A	Jun 23, 2026	IMPERVABLOG
NONE	WIRED:97C27F256...	Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed_WIRED:97C27F256D0F2D95C8FBD8F9552B9208 The private events group, cofounded by Peter Thiel, says a “criminal” hacker is behind a breach that exposed members’ personal details. WIRED found...	N/A	N/A	Jun 23, 2026	WIRED
NONE	HACKREAD:B18ECD...	Internet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity_HACKREAD:B18ECD3BC16D6012AA85453F7891373F DC, United States, 23rd June 2026, CyberNewswire	N/A	N/A	Jun 23, 2026	HACKREAD
MEDIUM 5.9	CVE-2026-55736	Private action arguments can be set by user input in Ash_CVE-2026-55736 Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a...	ash-project	ash 3.0.0	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-55249	@rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template String_CVE-2026-55249 @rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rew...	rtk-ai	rtk 1.0.0	Jun 23, 2026	CVE
HIGH 7.7	CVE-2026-54322	Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org’s roles_CVE-2026-54322 Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organizatio...	daytonaio	daytona < 0.185.0	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Exploit for Use After Free in Microsoft_C3D90422-8858-5EAC-A8E5-588AF315EA86

Recent Advisories

Audiobookshelf Unauthenticated API Authentication Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-AUDIOBOOKSHELF_AUTH_BYPASS-

web-exploitation-lab_D00ABD7F-A3B6-5F61-A944-65E5960AB87E

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft_HACKREAD:40BF5AE34923B51723CA316715EF181B

CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised_IMPERVABLOG:CC22F53AF67610E01435FC711BB2B03F

Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed_WIRED:97C27F256D0F2D95C8FBD8F9552B9208

Internet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity_HACKREAD:B18ECD3BC16D6012AA85453F7891373F

Private action arguments can be set by user input in Ash_CVE-2026-55736

@rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template String_CVE-2026-55249

Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org’s roles_CVE-2026-54322

Protect Your Attack Surface with RedGem

Security Intelligence
Feed