Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

55 New today

64,208 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Critical

High

Medium

Low

Latest

CVE CVSS 9.3

JTL Shop < 5.7.2 Server-Side Template Injection via Smarty Renderer_CVE-2026-54390

JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject malicious template syntax due to unsanitized user-supplied input passed to the Smarty template engine. Attackers can exploit this flaw ...

CVE-2026-54390 JTL Software JTL Shop 5.0.0

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.7	CVE-2026-48986	pam_usb: Infinite loop DoS in process-tree walk when parent process exits during authentication_CVE-2026-48986 pam_usb provides hardware authentication for Linux using removable media. In pam_usb 0.9.1 and earlier, usb_get_process_parent_id() can cause an in...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.5	CVE-2026-48985	pam_usb: NULL Dereference Crash in pusb_is_loginctl_local when loginctl Returns Empty Remote Field_CVE-2026-48985 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, pusb_is_loginctl_local() can cause ...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 4.7	CVE-2026-48984	pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap_CVE-2026-48984 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree() memory release helper i...	mcdope	pam_usb < 0.9.2	Jun 18, 2026	CVE
MEDIUM 5.3	CVE-2026-9692	Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely_CVE-2026-9692 Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 h...	HAYAJO	Mojolicious::Sessions::Storable	Jun 18, 2026	CVE
MEDIUM 6.7	CVE-2026-55392	NILFS utilities – Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size_CVE-2026-55392 NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid() function fails to validate s_log_block_size field in NILFS2 superblock ...	nilfs-dev	nilfs-utils	Jun 18, 2026	CVE
MEDIUM 5.3	CVE-2026-48937	CVE-2026-48937_CVE-2026-48937 A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two su...	nodejs	node 22.22.3	Jun 18, 2026	CVE
MEDIUM 6.1	CVE-2026-47833	CVE-2026-47833_CVE-2026-47833 setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...	Cloud Foundry Foundation	bpm-release	Jun 18, 2026	CVE
HIGH 7.5	PACKETSTORM:223805	📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805 WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...	N/A	N/A	Jun 18, 2026	PACKETSTORM
NONE	0CF22E77-69CF-	SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6 SQL-Injection This project, developed in VS Code using JavaScript Node.js, demonstrates the mechanics and remediation of SQL Injection SQLi. It fea...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

JTL Shop < 5.7.2 Server-Side Template Injection via Smarty Renderer_CVE-2026-54390

Recent Advisories

pam_usb: Infinite loop DoS in process-tree walk when parent process exits during authentication_CVE-2026-48986

pam_usb: NULL Dereference Crash in pusb_is_loginctl_local when loginctl Returns Empty Remote Field_CVE-2026-48985

pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap_CVE-2026-48984

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely_CVE-2026-9692

NILFS utilities – Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size_CVE-2026-55392

CVE-2026-48937_CVE-2026-48937

CVE-2026-47833_CVE-2026-47833

📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805

SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6

Protect Your Attack Surface with RedGem

Security Intelligence
Feed