Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

95 New today
64,175 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
14
Jun 20
Critical
High
Medium
Low
Latest
CVE CVSS 6.3

Awx: automation-controller: awx: github webhook second-order ssrf via unvalidated statuses_url exfiltrates pat credential_CVE-2026-12726

A flaw was found in the AWX GitHub webhook integration. When processing GitHub pull_request webhooks, the controller stores the pull_request.statuses_url value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is con...

CVE-2026-12726 Red Hat Red Hat Ansible Automation Platform 2
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 A52A5B67-31DB-

Exploit for SQL Injection in Sangoma Freepbx_A52A5B67-31DB-5B86-B528-C2F4F2A57FB3

FreePBX 16 — Unauthenticated SQLi to RCE Proof-of-concept exploit chaining two FreePBX vulnerabilities to go from zero access to remote code execut...

N/A N/A GITHUBEXPLOIT
NONE EA26B6D2-E45A-

cortex-plugin-hexstrike_EA26B6D2-E45A-5D45-930B-37F1EE561AD6

Example Plugin Brief one-line description of what this plugin does. Installation bash From marketplace cortex plugin install marketplace:example-pl...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 B7F3888A-67A2-

Exploit for OS Command Injection in Ray_Project Ray_B7F3888A-67A2-5DAE-904A-1F178F5B69DD

CVE-2023-6019 - Anyscale Ray Dashboard Unauthenticated RCE PoC exploit for CVE-2023-6019 — Remote Code Execution via unauthenticated Ray Dashboard ...

N/A N/A GITHUBEXPLOIT
NONE THN:0B57AAEC379...

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes_THN:0B57AAEC379BB19269BA5F6FA540F390

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjNWtaK_WkFnKnaLTIwg043i_I6YVi5XuZGVzh30SGeK-iutwr6t2Ed3S6Qk0V9uykYueDD5WETtQ4sW1QwG...

N/A N/A THN
NONE THN:E7B27AF7990...

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain_THN:E7B27AF79906373961790705D467275B

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIM725Ni41-PBwM_6zXNdsydP1eZO7oSsWIlAqpwdOu9dOcZM6ZI1iaqwSsL3yZKT4lbFRM-eZVq3ARKDbLR...

N/A N/A THN
NONE 267A765B-AF6E-

PhantomCommits-CTF_267A765B-AF6E-5280-849A-0BDCD33EBD9F

STS-PR-13: Code Review CTF — Writeups Writeups for STS-PR-13: Conduct Security-Focused Code Review with Justification, a 3-challenge CTF built arou...

N/A N/A GITHUBEXPLOIT
NONE MALWAREBYTES:70...

Nearly 15,000 infected websites cleaned in SocGholish crackdown_MALWAREBYTES:705B2D633D6C25DA1D25345CF3273B27

We’re always happy to end the week with some positive news. A law enforcement action called Operation Endgame just delivered a major win against th...

N/A N/A MALWAREBYTES
NONE HACKREAD:CDD4B7...

Meteor 3.0 Migration Helped Rocket.Chat Move Off End-of-Life Node.js Runtime_HACKREAD:CDD4B73BFA0E5B80AED134963121A750

Meteor 3.0 helped Rocket.Chat move from Node.js 14 to Node.js 20, cutting runtime debt after Fibers removal and reducing supply-chain risk across f...

N/A N/A HACKREAD
MEDIUM 5.3 CVE-2026-12622

Open Redirect Vulnerability in Password Reset Submission in GridTime™ 3000 GNSS Time Server_CVE-2026-12622

The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission. This issue affects GridTime 3000: fr...

Microchip GridTime 3000 1.0r0.03 CVE