Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

46 New today

64,242 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 5.1

Flowise – Cross-Site Scripting in Chat Messages and Agent Workflows_CVE-2025-71331

Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., <iframe src="javascript:alert(document.c...

CVE-2025-71331 Flowise Flowise

Jun 20, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-5366	Git Argument Injection in prefecthq/prefect_CVE-2026-5366 Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage clas...	prefecthq	prefecthq/prefect unspecified	Jun 20, 2026	CVE
HIGH 8.2	90EC8998-FB96-	explotability_analysis_ebpf_90EC8998-FB96-54C8-B382-EB8D24257354 eBPF Verifier Exploit Research — s344024 Romano Simone Research project for the Security Verification and Testing SVT course — analysis and exploit...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
CRITICAL 9.8	51654478-7539-	Exploit for OS Command Injection in Redhat Openshift_Container_Platform_51654478-7539-5748-ADF6-E1E5CD131F2F CVE-2026-4480-PoC...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	7D09A83C-C6CD-	browserlover_7D09A83C-C6CD-5EFA-9E1F-FE28400B2E1F No description provided...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
LOW 2.3	CVE-2026-56325	Capgo – App ID Confusion via ILIKE Wildcard in Preview Subdomain Lookup_CVE-2026-56325 Capgo before 12.128.2 uses ILIKE pattern matching instead of exact matching for app_id lookup in the preview subdomain resolver, allowing underscor...	Capgo	Capgo	Jun 20, 2026	CVE
LOW 2.3	CVE-2026-56317	Nuxt – Cross-Site Scripting via NoScript Component Slot Content_CVE-2026-56317 Nuxt before 4.4.7 (and the 3.x branch before 3.21.7) contains a cross-site scripting vulnerability in the NoScript component that writes slot conte...	Nuxt	Nuxt 4.0.0	Jun 20, 2026	CVE
NONE	HACKREAD:7261C7...	MDR Provider Comparison: Time to Discover and Respond to Threats_HACKREAD:7261C791BE2D3FF87A7C570142D9E829 A detailed MDR provider comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose.	N/A	N/A	Jun 20, 2026	HACKREAD
CRITICAL 10	CVE-2026-48939	Joomla Extension – icagenda.com – Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15_CVE-2026-48939 A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in P...	icagenda.com	iCagenda extension for Joomla 1.0.0-3.9.14	Jun 20, 2026	CVE
CRITICAL 9.5	CVE-2026-48909	Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909 SP LMS (com_splms) < 4.1.4 by JoomShaper deserializes user-controlled cookie data without validation, enabling an unauthenticated remote attacker t...	joomshaper.net	SP LMS extension for Joomla 1.0.0-4.1.3	Jun 20, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Flowise – Cross-Site Scripting in Chat Messages and Agent Workflows_CVE-2025-71331

Recent Advisories

Git Argument Injection in prefecthq/prefect_CVE-2026-5366

explotability_analysis_ebpf_90EC8998-FB96-54C8-B382-EB8D24257354

Exploit for OS Command Injection in Redhat Openshift_Container_Platform_51654478-7539-5748-ADF6-E1E5CD131F2F

browserlover_7D09A83C-C6CD-5EFA-9E1F-FE28400B2E1F

Capgo – App ID Confusion via ILIKE Wildcard in Preview Subdomain Lookup_CVE-2026-56325

Nuxt – Cross-Site Scripting via NoScript Component Slot Content_CVE-2026-56317

MDR Provider Comparison: Time to Discover and Respond to Threats_HACKREAD:7261C791BE2D3FF87A7C570142D9E829

Joomla Extension – icagenda.com – Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15_CVE-2026-48939

Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909

Protect Your Attack Surface with RedGem

Security Intelligence
Feed