Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

54 New today

64,222 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

CVE-2026-48937_CVE-2026-48937

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two supported release lines: **Node.js 22** and **Node.js 24**.

CVE-2026-48937 nodejs node 22.22.3

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-47833	CVE-2026-47833_CVE-2026-47833 setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...	Cloud Foundry Foundation	bpm-release	Jun 18, 2026	CVE
HIGH 7.5	PACKETSTORM:223805	📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805 WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...	N/A	N/A	Jun 18, 2026	PACKETSTORM
NONE	0CF22E77-69CF-	SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6 SQL-Injection This project, developed in VS Code using JavaScript Node.js, demonstrates the mechanics and remediation of SQL Injection SQLi. It fea...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
NONE	F5663BA3-FD03-	NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F MCID15795619: Next.js Middleware Bypass PoC Executive Summary This repository contains the technical details and Proof of Concept PoC for a High-Se...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
HIGH 8.4	CVE-2026-12390	Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390 In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files w...	AzeoTech	DAQFactory	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-56099	OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099 OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within sys/netmpls/mpls_input...	openbsd	src	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48983	pam_usb: TOCTOU race condition in pad directory creation allows symlink substitution_CVE-2026-48983 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in p...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.8	CVE-2026-48982	pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race_CVE-2026-48982 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 6.7	CVE-2026-48981	pam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.c_CVE-2026-48981 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, pam_usb calls xmlReadFile() with fla...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-48937_CVE-2026-48937

Recent Advisories

CVE-2026-47833_CVE-2026-47833

📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805

SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6

NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F

Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390

OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input_CVE-2026-56099

pam_usb: TOCTOU race condition in pad directory creation allows symlink substitution_CVE-2026-48983

pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race_CVE-2026-48982

pam_usb: xmlReadFile flags=0 permits XXE network entity fetching in conf.c_CVE-2026-48981

Protect Your Attack Surface with RedGem

Security Intelligence
Feed