Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

292 New today
64,923 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
285
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-49411

Deno Node TCPWrap numeric hostname aliases bypass –deny-net resolved-IP deny checks_CVE-2026-49411

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the or...

denoland deno < 2.8.0 CVE
MEDIUM 5.5 CVE-2026-49406

Deno: BYONM module resolution allows `package.json` main path traversal to bypass `–allow-read` restrictions_CVE-2026-49406

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode (nodeModulesDir: "manual"), the module ...

denoland deno < 2.7.12 CVE
HIGH 8.1 CVE-2026-49402

Deno: Command Injection via spawnSync & spawn on Windows_CVE-2026-49402

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() h...

denoland deno < 2.7.10 CVE
HIGH 7.3 CVE-2026-49401

Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)_CVE-2026-49401

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions...

denoland deno < 2.7.14 CVE
HIGH 7.4 CVE-2026-44726

Deno: TLS retry copies stale upgrade hook, risking plaintext traffic_CVE-2026-44726

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a T...

denoland deno >= 2.0.0, < 2.7.8 CVE
HIGH 7.1 CVE-2025-71382

MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering_CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a d...

ArtifexSoftware mupdf CVE
HIGH 7.5 CVE-2025-61029

CVE-2025-61029_CVE-2025-61029

An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL st...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-61024

CVE-2025-61024_CVE-2025-61024

An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted ...

n/a n/a n/a CVE
MEDIUM 6.5 CVE-2026-54324

Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join_CVE-2026-54324

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant author...

daytonaio daytona < 0.185.0 CVE