Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

57 New today
64,196 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
35
Jun 20
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-48774

ProxySQL MCP run_sql_readonly executes side-effecting MySQL multi-statements despite read-only contract_CVE-2026-48774

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP `run_sql_readonly` tool v...

sysown proxysql >= 3.0.6, < 3.0.9 CVE
CRITICAL 9.8 CVE-2026-48773

ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling_CVE-2026-48773

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption ...

sysown proxysql >= 2.0.18, < 3.0.9 CVE
CRITICAL 10 CVE-2026-48772

ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL_CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY...

sysown proxysql >= 2.0.0, < 3.0.9 CVE
HIGH 7.7 CVE-2026-48715

radvdump’s Route Information Option Parser has a Stack Buffer Overflow_CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow ...

radvd-project radvdump < 2.21 CVE
HIGH 7.1 CVE-2026-48089

DevGuard has improper authorization on public assets_CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public a...

l3montree-dev devguard < 1.4.2 CVE
HIGH 7.5 CVE-2026-50559

Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559

Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....

quarkusio quarkus >= 3.36.0, < 3.36.3 CVE
HIGH 7.1 CVE-2026-49346

libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...

strukturag libde265 < 1.1.0 CVE
MEDIUM 4.3 CVE-2026-49337

libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_...

strukturag libde265 < 1.0.20 CVE
HIGH 7.1 CVE-2026-49295

libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds a...

strukturag libde265 < 1.0.20 CVE