Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

288 New today
64,608 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
287
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-53539

Python-Multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service_CVE-2026-53539

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies, QuerystringPar...

Kludex python-multipart < 0.0.30 CVE
LOW 3.7 CVE-2026-53538

Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling_CVE-2026-53538

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www...

Kludex python-multipart < 0.0.30 CVE
LOW 3.7 CVE-2026-53537

Python-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters_CVE-2026-53537

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) he...

Kludex python-multipart < 0.0.30 CVE
HIGH 8.6 CVE-2026-50556

Angular: Missing `

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
HIGH 8.6 CVE-2026-50555

Angular: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in @angular/platform-server_CVE-2026-50555

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
LOW 2.7 CVE-2026-50269

AIOHTTP: CRLF injection in multipart headers_CVE-2026-50269

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/...

aio-libs aiohttp < 3.14.0 CVE
MEDIUM 5.7 CVE-2026-50184

Angular: Request Credential & Cache Policy Stripping in Angular Service Worker_CVE-2026-50184

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
HIGH 8.2 CVE-2026-50171

Angular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)_CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
HIGH 8.2 CVE-2026-50170

Angular: Information Leak via Default Caching of Credentialed Requests in HttpTransferCache_CVE-2026-50170

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE