Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

93 New today
64,177 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
16
Jun 20
Critical
High
Medium
Low
Latest
CVE CVSS 8.1

Database for Contact Form 7, WPforms, Elementor forms <= 1.5.1 - Unauthenticated Arbitrary File Deletion via CF7 File Field POST Value_CVE-2026-9843

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the view_page function in all versions up to, and including, 1.5.1. This makes it possible for unauthenticated at...

CVE-2026-9843 crmperks Database for Contact Form 7, WPforms, Elementor forms
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE C84B5231-AD4C-

Nyx-tool-By-Pray-Roman_C84B5231-AD4C-5DFC-B479-4EBB6CB2F6E6

No description provided...

N/A N/A GITHUBEXPLOIT
HIGH 8.7 CVE-2026-56082

Supabase – Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPC_CVE-2026-56082

Capgo (Cap-go/capgo) before 12.128.2 contains an improper access control vulnerability in the SECURITY DEFINER PostgREST RPC function public.record...

Cap-go capgo CVE
CRITICAL 9.3 CVE-2026-56081

Cap-go – Account Lockout via 2FA Misconfiguration on Unverified Email_CVE-2026-56081

Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email addres...

Cap-go capgo CVE
MEDIUM 6.9 CVE-2026-56080

Cap-go – Authentication Logic Flaw in Enforce Password Policy_CVE-2026-56080

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their...

Cap-go capgo CVE
HIGH 7.1 CVE-2026-56079

Capgo – Cross-Tenant Authorization Bypass via PostgREST Webhook Access_CVE-2026-56079

Capgo before 12.128.2 contains a cross-tenant authorization bypass vulnerability in PostgREST endpoints that allows org-scoped read API keys to acc...

Capgo Capgo CVE
CRITICAL 9.3 CVE-2026-56073

Cap-go – OTP Bypass via Response Manipulation in Email Verification_CVE-2026-56073

Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by mo...

Cap-go capgo CVE
CRITICAL 9.8 CVE-2026-11551

Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover_CVE-2026-11551

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is du...

wpmudev Branda – White Label & Branding, Free Login Page Customizer CVE
NONE F4DB36D1-16B3-

Exploit for CVE-2026-11551_F4DB36D1-16B3-5D76-9EDA-1FCB95DDC7E9

2026-11551 CVE-2026-11551: Branda Plugin - Unauthenticated Privilege Escalation via Account Takeover...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 MS:CVE-2026-12439

CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE