Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

55 New today
64,208 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
47
Jun 20
Critical
High
Medium
Low
Latest
CVE CVSS 8.2

PhpWeasyPrint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)_CVE-2026-49260

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, `pontedilana/php-weasyprint` builds the shell command for WeasyPrint by passing the binary path through `escapeshellarg()` first and then checking the *quoted* result wit...

CVE-2026-49260 pontedilana php-weasyprint < 2.5.1
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.5 CVE-2026-3196

Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation_CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bou...

N/A N/A 8.2.0 CVE
HIGH 7.4 CVE-2026-3195

Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)_CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check wheth...

N/A N/A 8.2.0 CVE
NONE 5BEBD996-40A7-

AINEE_5BEBD996-40A7-5820-A505-F8584E84A3BB

Autonomous Internal Network Exploitation Engine The Autonomous Internal Network Exploitation Engine AINE is a cybersecurity research project design...

N/A N/A GITHUBEXPLOIT
NONE FA525CC7-835B-

security-disclosures-2026_FA525CC7-835B-51B6-9719-F6EE350F03DF

Security Disclosures 2026 Responsible vulnerability disclosures in open-source PHP web applications. Researcher: @abdurazzoqovjavohir700-dev Email:...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 78CF8AD6-3E6A-

ghost-bits-toolkit_78CF8AD6-3E6A-58B5-B3C4-2D259401D82F

Ghost Bits Toolkit Java Ghost Bits Vulnerability Detection and Exploitation Toolset. Vulnerability Background Ghost Bits is a security vulnerabilit...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 703A79DC-60E9-

Exploit for Improper Authorization in Apache Tomcat_703A79DC-60E9-5AC8-928B-96E9607FCF0C

CVE-2026-43515 — Apache Tomcat Security Constraint Bypass Exploitability verdict: confirmed exploitable. A POST request to a resource protected by ...

N/A N/A GITHUBEXPLOIT
NONE HACKREAD:8FE052...

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse_HACKREAD:8FE05235876A6518DDB5C5AD824D1BA9

Nintendo America employee records were exposed via TinyPulse after Shadowbyt3 claimed theft of HR files, tax forms, bank data, and staff survey res...

N/A N/A HACKREAD
NONE HACKREAD:B8C2FC...

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections_HACKREAD:B8C2FC2FFB391B581361B7B7294A172D

Luxembourg, Luxembourg, 19th June 2026, CyberNewswire

N/A N/A HACKREAD
NONE THN:317DE22F4DA...

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution_THN:317DE22F4DAC6034658E5E5B0FCABAED

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3wJOg5Y5vAn_dM0DcIB6SwV2B34iO0H-moeyuWLJ_DF1KgEEZMBGtKPDXYk0pL4wclWbnSmOB74sqReSZoG...

N/A N/A THN