Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

46 New today

64,242 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

phpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)_CVE-2026-49205

phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this->userHasPermission(PermissionType::BACKUP). The same fix was not applied to...

CVE-2026-49205 thorsten phpMyFAQ < 4.1.4

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-47647	Dynamics 365 Elevation of Privilege Vulnerability_CVE-2026-47647 {“lastseen”:””,”description”:””,”published”:”2026-06-18T21:42:40.084Z”,&#82...	Microsoft	Microsoft Dynamics 365 -	Jun 18, 2026	CVE
HIGH 7.5	CVE-2026-47633	Microsoft Cost Management Information Disclosure Vulnerability_CVE-2026-47633 {“lastseen”:””,”description”:””,”published”:”2026-06-18T21:37:36.850Z”,&#82...	Microsoft	Microsoft Cost Management -	Jun 18, 2026	CVE
HIGH 7.7	CVE-2026-32174	Azure Bot Service Elevation of Privilege Vulnerability_CVE-2026-32174 {“lastseen”:””,”description”:””,”published”:”2026-06-18T21:39:17.817Z”,&#82...	Microsoft	Azure AI Bot Service -	Jun 18, 2026	CVE
MEDIUM 4.8	CVE-2026-22674	Hashgraph Guardian Stored XSS via branding companyName field_CVE-2026-22674 Hashgraph Guardian through 3.5.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users wit...	hashgraph	guardian	Jun 18, 2026	CVE
HIGH 8.7	CVE-2026-56078	PraisonAI – Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor_CVE-2026-56078 PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. At...	PraisonAI	PraisonAI	Jun 18, 2026	CVE
HIGH 7.1	CVE-2026-56077	PraisonAI – Information Disclosure via Shared MultiAgentLedger State_CVE-2026-56077 PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensiti...	PraisonAI	PraisonAI	Jun 18, 2026	CVE
HIGH 8.6	CVE-2026-56076	PraisonAI – Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint_CVE-2026-56076 PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitra...	PraisonAI	PraisonAI	Jun 18, 2026	CVE
HIGH 8.7	CVE-2026-56075	PraisonAI – Arbitrary Shell Command Execution via Hardcoded Approval Mode Override_CVE-2026-56075 PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overridin...	PraisonAI	PraisonAI	Jun 18, 2026	CVE
MEDIUM 6.8	CVE-2026-56074	PraisonAI – Tool Approval Cache Bypass via Coarse-Grained Caching_CVE-2026-56074 PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls t...	PraisonAI	PraisonAI	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

phpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)_CVE-2026-49205

Recent Advisories

Dynamics 365 Elevation of Privilege Vulnerability_CVE-2026-47647

Microsoft Cost Management Information Disclosure Vulnerability_CVE-2026-47633

Azure Bot Service Elevation of Privilege Vulnerability_CVE-2026-32174

Hashgraph Guardian Stored XSS via branding companyName field_CVE-2026-22674

PraisonAI – Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor_CVE-2026-56078

PraisonAI – Information Disclosure via Shared MultiAgentLedger State_CVE-2026-56077

PraisonAI – Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint_CVE-2026-56076

PraisonAI – Arbitrary Shell Command Execution via Hardcoded Approval Mode Override_CVE-2026-56075

PraisonAI – Tool Approval Cache Bypass via Coarse-Grained Caching_CVE-2026-56074

Protect Your Attack Surface with RedGem

Security Intelligence
Feed