Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

46 New today

64,242 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT CVSS 9.1

Exploit for Improper Authorization in Apache Tomcat_703A79DC-60E9-5AC8-928B-96E9607FCF0C

CVE-2026-43515 — Apache Tomcat Security Constraint Bypass Exploitability verdict: confirmed exploitable. A POST request to a resource protected by a split configuration bypasses authentication entirely. The required web.xml shape is uncommon in...

703A79DC-60E9-5AC8-928B-96E9607FCF0C

Jun 19, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	HACKREAD:8FE052...	Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse_HACKREAD:8FE05235876A6518DDB5C5AD824D1BA9 Nintendo America employee records were exposed via TinyPulse after Shadowbyt3 claimed theft of HR files, tax forms, bank data, and staff survey res...	N/A	N/A	Jun 19, 2026	HACKREAD
NONE	HACKREAD:B8C2FC...	Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections_HACKREAD:B8C2FC2FFB391B581361B7B7294A172D Luxembourg, Luxembourg, 19th June 2026, CyberNewswire	N/A	N/A	Jun 19, 2026	HACKREAD
NONE	THN:317DE22F4DA...	AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution_THN:317DE22F4DAC6034658E5E5B0FCABAED ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3wJOg5Y5vAn_dM0DcIB6SwV2B34iO0H-moeyuWLJ_DF1KgEEZMBGtKPDXYk0pL4wclWbnSmOB74sqReSZoG...	N/A	N/A	Jun 19, 2026	THN
MEDIUM 6.9	CVE-2026-55205	Hermes WebUI < 0.51.468 - Resource Exhaustion via Unauthenticated OAuth Flow Endpoint_CVE-2026-55205 Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that all...	nesquena	hermes-webui	Jun 18, 2026	CVE
HIGH 8.7	CVE-2026-55204	HAProxy – NULL Pointer Dereference in hpack_dht_insert Function_CVE-2026-55204 HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c tha...	haproxy	haproxy	Jun 18, 2026	CVE
CRITICAL 9	CVE-2026-55203	HAProxy – Integer Overflow in FCGI Demux Record Length Field_CVE-2026-55203 HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffe...	haproxy	haproxy	Jun 18, 2026	CVE
MEDIUM 4.7	CVE-2026-54106	U.S. GAO EPDS and CBCA EDS network access control bypass_CVE-2026-54106 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-54105	U.S. GAO EPDS and CBCA EDS user information disclosure_CVE-2026-54105 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
HIGH 8.8	CVE-2026-54104	U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Exploit for Improper Authorization in Apache Tomcat_703A79DC-60E9-5AC8-928B-96E9607FCF0C

Recent Advisories

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse_HACKREAD:8FE05235876A6518DDB5C5AD824D1BA9

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections_HACKREAD:B8C2FC2FFB391B581361B7B7294A172D

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution_THN:317DE22F4DAC6034658E5E5B0FCABAED

Hermes WebUI < 0.51.468 - Resource Exhaustion via Unauthenticated OAuth Flow Endpoint_CVE-2026-55205

HAProxy – NULL Pointer Dereference in hpack_dht_insert Function_CVE-2026-55204

HAProxy – Integer Overflow in FCGI Demux Record Length Field_CVE-2026-55203

U.S. GAO EPDS and CBCA EDS network access control bypass_CVE-2026-54106

U.S. GAO EPDS and CBCA EDS user information disclosure_CVE-2026-54105

U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104

Protect Your Attack Surface with RedGem

Security Intelligence
Feed