Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

300 New today
65,285 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
353
Jun 24
Jun 25
Critical
High
Medium
Low
Latest
CVE CVSS 8.6

Warp: Env-var prefixes can lead to denylisted command autoexecution_CVE-2026-48721

Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is non-interactive and relies on a command ...

CVE-2026-48721 warpdotdev warp >= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-48720

Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337...

warpdotdev warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8 CVE-2026-48719

Warp branch selector command injection via Git branch names_CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48704

Warp Markdown notebook links may open executable local files_CVE-2026-48704

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...

warpdotdev warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48703

Warp: Command Injection via Warp code search tool arguments_CVE-2026-48703

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
MEDIUM 5.5 CVE-2026-44022

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....

docling-project docling >= 2.73.0, < 2.91.0 CVE
HIGH 7.5 CVE-2026-44020

Docling: Unsafe XML Entity Expansion in USPTO Patent Backend_CVE-2026-44020

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2....

docling-project docling >= 2.13.0, < 2.74.0 CVE
HIGH 7.5 CVE-2026-44017

Docling: Unsafe Zip Extraction in EasyOCR Model Download_CVE-2026-44017

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the...

docling-project docling < 2.91.0 CVE
HIGH 8.2 CVE-2026-44016

Docling: Unsafe Playwright-based HTML Rendering_CVE-2026-44016

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82...

docling-project docling >= 2.82.0, < 2.91.0 CVE
HIGH 7.5 PACKETSTORM:224227

📄 HTTP.sys HTTP/2 Denial of Service_PACKETSTORM:224227

This advisory provides simple proof of concept details to trigger the HTTP/2 denial of service condition related to malformed Accept-Encoding heade...

N/A N/A PACKETSTORM