Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

95 New today
64,175 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
14
Jun 20
Critical
High
Medium
Low
Latest
CVE CVSS 6.5

Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119

The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contribut...

CVE-2026-12119 eemitch Simple File List
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-11912

Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action_CVE-2026-11912

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up ...

eemitch Simple File List CVE
HIGH 7.5 CVE-2026-11911

Simple File List <= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter_CVE-2026-11911

The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile...

eemitch Simple File List CVE
NONE 21035EF9-5EDC-

jfp-console-poc_21035EF9-5EDC-5620-8320-382C3B11EE13

JFP Console PoC Tamper-evident autonomous system governor with a live operator dashboard. JFP Console PoC is a Linux daemon that monitors system re...

N/A N/A GITHUBEXPLOIT
NONE PACKETSTORM:223848

📄 Android Kernel /dev/umts_ipc0 Out-Of-Bounds Read / Write_PACKETSTORM:223848

Proof of concept exploit targeting a vulnerability in an Android kernel driver related to GNSS/UMTS IPC /dev/umtsipc0...

N/A N/A PACKETSTORM
NONE PACKETSTORM:223862

📄 TOTOLINK N300RH Buffer Overflow_PACKETSTORM:223862

This is a Metasploit auxiliary module that targets a stack-based buffer overflow in the TOTOLINK N300RH router's setWiFiBasicConfig CGI handler. Th...

N/A N/A PACKETSTORM
CRITICAL 9.2 PACKETSTORM:223892

📄 HP Poly Voice Unauthenticated Remote Code Execution_PACKETSTORM:223892

CVE-2026-0826 is a critical unauthenticated stack-based buffer overflow vulnerability affecting all models in the VVX series VVX 150, VVX 250, VVX ...

N/A N/A PACKETSTORM
NONE PACKETSTORM:223857

📄 Veno File Manager 4.4.9 Arbitrary File Read / Log Disclosure_PACKETSTORM:223857

Veno File Manager version 4.4.9 proof of concept exploit that demonstrates file and log disclosure vulnerabilities...

N/A N/A PACKETSTORM
NONE PACKETSTORM:223853

📄 Veno File Manager 4.4.9 Log Disclosure_PACKETSTORM:223853

This Metasploit module allows unauthenticated attackers to download application logs from Veno File Manager version 4.4.9 by exploiting the save-cs...

N/A N/A PACKETSTORM
NONE EEB1E980-0710-

Sql-injection-demo_EEB1E980-0710-5596-9408-D2B6931CF0DE

No description provided...

N/A N/A GITHUBEXPLOIT