Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

115 New today
64,174 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
13
Jun 20
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 CVE-2026-48772

ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL_CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY...

sysown proxysql >= 2.0.0, < 3.0.9 CVE
HIGH 7.7 CVE-2026-48715

radvdump’s Route Information Option Parser has a Stack Buffer Overflow_CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow ...

radvd-project radvdump < 2.21 CVE
HIGH 7.1 CVE-2026-48089

DevGuard has improper authorization on public assets_CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public a...

l3montree-dev devguard < 1.4.2 CVE
HIGH 7.5 CVE-2026-50559

Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559

Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....

quarkusio quarkus >= 3.36.0, < 3.36.3 CVE
HIGH 7.1 CVE-2026-49346

libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...

strukturag libde265 < 1.1.0 CVE
MEDIUM 4.3 CVE-2026-49337

libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_...

strukturag libde265 < 1.0.20 CVE
HIGH 7.1 CVE-2026-49295

libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds a...

strukturag libde265 < 1.0.20 CVE
LOW 1.3 CVE-2026-48794

Authelia has an Edge Case Access Control Rule Mismatch_CVE-2026-48794

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...

authelia authelia >= 4.36.0, < 4.39.20 CVE
MEDIUM 6.5 CVE-2026-48129

Kestra task inputFiles accepts traversal filenames for worker file writes_CVE-2026-48129

Kestra is an open-source, event-driven orchestration platform. Prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, Kestra task `inputFiles` write...

kestra-io kestra < 1.0.43 CVE