Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

264 New today

64,165 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

Supabase – Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPC_CVE-2026-56082

Capgo (Cap-go/capgo) before 12.128.2 contains an improper access control vulnerability in the SECURITY DEFINER PostgREST RPC function public.record_build_time, which is granted to the anon role and callable with only the public Supabase publishable (sb_publishable_*) anon key....

CVE-2026-56082 Cap-go capgo

Jun 19, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-56081	Cap-go – Account Lockout via 2FA Misconfiguration on Unverified Email_CVE-2026-56081 Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email addres...	Cap-go	capgo	Jun 19, 2026	CVE
MEDIUM 6.9	CVE-2026-56080	Cap-go – Authentication Logic Flaw in Enforce Password Policy_CVE-2026-56080 Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their...	Cap-go	capgo	Jun 19, 2026	CVE
HIGH 7.1	CVE-2026-56079	Capgo – Cross-Tenant Authorization Bypass via PostgREST Webhook Access_CVE-2026-56079 Capgo before 12.128.2 contains a cross-tenant authorization bypass vulnerability in PostgREST endpoints that allows org-scoped read API keys to acc...	Capgo	Capgo	Jun 19, 2026	CVE
CRITICAL 9.3	CVE-2026-56073	Cap-go – OTP Bypass via Response Manipulation in Email Verification_CVE-2026-56073 Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by mo...	Cap-go	capgo	Jun 19, 2026	CVE
CRITICAL 9.8	CVE-2026-11551	Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover_CVE-2026-11551 The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is du...	wpmudev	Branda – White Label & Branding, Free Login Page Customizer	Jun 19, 2026	CVE
NONE	F4DB36D1-16B3-	Exploit for CVE-2026-11551_F4DB36D1-16B3-5D76-9EDA-1FCB95DDC7E9 2026-11551 CVE-2026-11551: Branda Plugin - Unauthenticated Privilege Escalation via Account Takeover...	N/A	N/A	Jun 19, 2026	GITHUBEXPLOIT
CRITICAL 9.6	MS:CVE-2026-12440	CVE-2026-12440 Use after free in DigitalCredentials_MS:CVE-2026-12440 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-12439	CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-12441	CVE-2026-12441 Use after free in File Input_MS:CVE-2026-12441 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Supabase – Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPC_CVE-2026-56082

Recent Advisories

Cap-go – Account Lockout via 2FA Misconfiguration on Unverified Email_CVE-2026-56081

Cap-go – Authentication Logic Flaw in Enforce Password Policy_CVE-2026-56080

Capgo – Cross-Tenant Authorization Bypass via PostgREST Webhook Access_CVE-2026-56079

Cap-go – OTP Bypass via Response Manipulation in Email Verification_CVE-2026-56073

Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover_CVE-2026-11551

Exploit for CVE-2026-11551_F4DB36D1-16B3-5D76-9EDA-1FCB95DDC7E9

CVE-2026-12440 Use after free in DigitalCredentials_MS:CVE-2026-12440

CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439

CVE-2026-12441 Use after free in File Input_MS:CVE-2026-12441

Protect Your Attack Surface with RedGem

Security Intelligence
Feed