Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

324 New today

65,969 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

306

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 6.3

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status_CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without fir...

CVE-2026-10098 wolfSSL wolfSSL 4.6.0

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.7	CVE-2026-7532	iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined_CVE-2026-7532 iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allo...	wolfSSL	wolfSSL	Jun 25, 2026	CVE
MEDIUM 5.9	CVE-2026-7511	PKCS7_verify signer confusion allows forged signatures to be accepted_CVE-2026-7511 PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged si...	wolfSSL	wolfSSL 3.15.5	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-22879	CVE-2026-22879_CVE-2026-22879 vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability	vtk	vtk 9.5.2	Jun 25, 2026	CVE
HIGH 7.6	CVE-2025-71340	picklescan – Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode_CVE-2025-71340 picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in __reduce__ methods. Att...	picklescan	picklescan	Jun 25, 2026	CVE
CRITICAL 10	CVE-2025-71338	Flowise – Arbitrary File Write to Remote Code Execution via document-store API_CVE-2025-71338 Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to writ...	Flowise	Flowise	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2025-71336	Flowise – Unsandboxed Remote Code Execution via Custom MCP_CVE-2025-71336 Flowise before 3.0.6 (affected versions 2.2.7-patch.1 and earlier) contains an unsandboxed remote code execution vulnerability in the Custom MCP fe...	Flowise	Flowise	Jun 25, 2026	CVE
HIGH 8.6	CVE-2025-71335	Flowise – Session Invalidation Failure After Password Change_CVE-2025-71335 Flowise before 3.0.10 (affected versions 3.0.7 and earlier) fails to invalidate existing sessions and session tokens after a user changes their pas...	Flowise	Flowise	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2025-71334	Flowise – Arbitrary File Access via Missing Chat Flow ID Validation_CVE-2025-71334 Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due to missing validation that the chatf...	Flowise	Flowise	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2025-71333	Flowise – Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint_CVE-2025-71333 Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set t...	Flowise	Flowise	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status_CVE-2026-10098

Recent Advisories

iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined_CVE-2026-7532

PKCS7_verify signer confusion allows forged signatures to be accepted_CVE-2026-7511

CVE-2026-22879_CVE-2026-22879

picklescan – Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode_CVE-2025-71340

Flowise – Arbitrary File Write to Remote Code Execution via document-store API_CVE-2025-71338

Flowise – Unsandboxed Remote Code Execution via Custom MCP_CVE-2025-71336

Flowise – Session Invalidation Failure After Password Change_CVE-2025-71335

Flowise – Arbitrary File Access via Missing Chat Flow ID Validation_CVE-2025-71334

Flowise – Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint_CVE-2025-71333

Protect Your Attack Surface with RedGem

Security Intelligence
Feed