Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

62 New today

64,208 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Critical

High

Medium

Low

Latest

CVE CVSS 6.9

Hermes WebUI < 0.51.468 - Resource Exhaustion via Unauthenticated OAuth Flow Endpoint_CVE-2026-55205

Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that allows unbounded accumulation of in-memory flow state and daemon threads. Attackers can send repeated or concurrent requests to exhau...

CVE-2026-55205 nesquena hermes-webui

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.7	CVE-2026-55204	HAProxy – NULL Pointer Dereference in hpack_dht_insert Function_CVE-2026-55204 HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c tha...	haproxy	haproxy	Jun 18, 2026	CVE
CRITICAL 9	CVE-2026-55203	HAProxy – Integer Overflow in FCGI Demux Record Length Field_CVE-2026-55203 HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffe...	haproxy	haproxy	Jun 18, 2026	CVE
MEDIUM 4.7	CVE-2026-54106	U.S. GAO EPDS and CBCA EDS network access control bypass_CVE-2026-54106 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
MEDIUM 6.9	CVE-2026-54105	U.S. GAO EPDS and CBCA EDS user information disclosure_CVE-2026-54105 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
HIGH 8.8	CVE-2026-54104	U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-54103	U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
LOW 1.8	CVE-2026-48617	CVE-2026-48617_CVE-2026-48617 A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confidentialit...	nodejs	node 22.22.3	Jun 18, 2026	CVE
HIGH 7.5	CVE-2026-38718	CVE-2026-38718_CVE-2026-38718 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38717	CVE-2026-38717_CVE-2026-38717 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Hermes WebUI < 0.51.468 - Resource Exhaustion via Unauthenticated OAuth Flow Endpoint_CVE-2026-55205

Recent Advisories

HAProxy – NULL Pointer Dereference in hpack_dht_insert Function_CVE-2026-55204

HAProxy – Integer Overflow in FCGI Demux Record Length Field_CVE-2026-55203

U.S. GAO EPDS and CBCA EDS network access control bypass_CVE-2026-54106

U.S. GAO EPDS and CBCA EDS user information disclosure_CVE-2026-54105

U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104

U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103

CVE-2026-48617_CVE-2026-48617

CVE-2026-38718_CVE-2026-38718

CVE-2026-38717_CVE-2026-38717

Protect Your Attack Surface with RedGem

Security Intelligence
Feed