Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

56 New today
64,209 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
48
Jun 20
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6 CVE-2026-56276

Flowise – Mass Assignment in PUT /api/v1/user Allows Password Hash Override_CVE-2026-56276

Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify t...

Flowise Flowise CVE
MEDIUM 6.9 CVE-2026-56267

Flowise – PII Disclosure via Unauthenticated Forgot Password Endpoint_CVE-2026-56267

Flowise before 3.0.13 contains an information exposure vulnerability in the POST /api/v1/account/forgot-password endpoint that returns full user ob...

Flowise Flowise CVE
MEDIUM 6.9 CVE-2026-56235

Capgo – Unauthenticated Cross-Tenant Metrics Disclosure via RPC Functions_CVE-2026-56235

Cap-go capgo before 12.128.2 contains an authorization bypass in several Supabase PostgREST RPC functions (get_app_metrics, get_global_metrics, get...

Cap-go capgo CVE
MEDIUM 6.9 CVE-2026-56228

Capgo – Denial of Service via Improper Password Policy Length Validation_CVE-2026-56228

Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated ...

Capgo Capgo CVE
MEDIUM 5.3 CVE-2026-56227

Capgo – Server-Side Request Forgery via Webhook URL Validation_CVE-2026-56227

Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. O...

Capgo Capgo CVE
MEDIUM 6.9 CVE-2026-56218

Capgo – EXIF Metadata Exposure via Image Upload_CVE-2026-56218

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers ...

Capgo Capgo CVE
MEDIUM 5.1 CVE-2025-71331

Flowise – Cross-Site Scripting in Chat Messages and Agent Workflows_CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent f...

Flowise Flowise CVE
CRITICAL 9.9 CVE-2026-5366

Git Argument Injection in prefecthq/prefect_CVE-2026-5366

Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage clas...

prefecthq prefecthq/prefect unspecified CVE
HIGH 8.2 90EC8998-FB96-

explotability_analysis_ebpf_90EC8998-FB96-54C8-B382-EB8D24257354

eBPF Verifier Exploit Research — s344024 Romano Simone Research project for the Security Verification and Testing SVT course — analysis and exploit...

N/A N/A GITHUBEXPLOIT