Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

54 New today

64,223 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 8.8

U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) trusts client-provided values for the 'epds_role_id' parameter without verification, allowing a remote, au...

CVE-2026-54104 Government Accountability Office Electronic Protest Docketing System (EPDS)

Jun 18, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-54103	U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103 The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic...	Government Accountability Office	Electronic Protest Docketing System (EPDS)	Jun 18, 2026	CVE
LOW 1.8	CVE-2026-48617	CVE-2026-48617_CVE-2026-48617 A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confidentialit...	nodejs	node 22.22.3	Jun 18, 2026	CVE
HIGH 7.5	CVE-2026-38718	CVE-2026-38718_CVE-2026-38718 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a buffer overflow vulnerability...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38717	CVE-2026-38717_CVE-2026-38717 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38716	CVE-2026-38716_CVE-2026-38716 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38715	CVE-2026-38715_CVE-2026-38715 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
CRITICAL 9.8	CVE-2026-38714	CVE-2026-38714_CVE-2026-38714 InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerabili...	n/a	n/a n/a	Jun 18, 2026	CVE
MEDIUM 5.1	CVE-2026-11982	Stored XSS via missing XSS safety check in Admin2 Pages API partial validation_CVE-2026-11982 Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14 contains a stored cross-site scripting (XSS) vulnerability in the Admin2 Pages API save flow.	Grav	grav-plugin-api 1.7.52	Jun 18, 2026	CVE
HIGH 7.5	CVE-2025-53114	CometD has acknowledgement extension out of memory_CVE-2025-53114 CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0....	cometd	cometd >= 5.0.0, < 5.0.23	Jun 18, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

U.S. GAO EPDS and CBCA EDS client-based privilege escalation_CVE-2026-54104

Recent Advisories

U.S. GAO EPDS and CBCA EDS unauthenticated password change_CVE-2026-54103

CVE-2026-48617_CVE-2026-48617

CVE-2026-38718_CVE-2026-38718

CVE-2026-38717_CVE-2026-38717

CVE-2026-38716_CVE-2026-38716

CVE-2026-38715_CVE-2026-38715

CVE-2026-38714_CVE-2026-38714

Stored XSS via missing XSS safety check in Admin2 Pages API partial validation_CVE-2026-11982

CometD has acknowledgement extension out of memory_CVE-2025-53114

Protect Your Attack Surface with RedGem

Security Intelligence
Feed