Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

294 New today
64,985 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
53
Jun 24
Critical
High
Medium
Low
Latest
CVE CVSS 4.3

Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser_CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to cra...

CVE-2026-12891 Red Hat Red Hat Enterprise Linux 10
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.8 CVE-2026-12112

Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse_CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active ...

Red Hat Red Hat Satellite 6 CVE
MEDIUM 6.5 CVE-2026-11820

Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials exposed in get url query string_CVE-2026-11820

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: api_key and api_secret are declared no_log=Tr...

Red Hat Red Hat Enterprise Linux 10 CVE
MEDIUM 5.5 CVE-2026-11819

Community.general: community.general keyring_info — os keyring passphrase returned in plaintext_CVE-2026-11819

Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase fro...

Red Hat Red Hat Enterprise Linux 10 CVE
CRITICAL 9.6 CVE-2026-11807

Eda-server: websocket missing authorization allows credential theft via activation_id spoofing_CVE-2026-11807

A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not...

Red Hat Red Hat Ansible Automation Platform 2.5 2.5 CVE
MEDIUM 5.1 CVE-2025-64105

FOSSBilling: IDOR Vulnerability in Support Ticket Creation_CVE-2025-64105

FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions...

FOSSBilling FOSSBilling >= 0.6.21, < 0.8.0 CVE
HIGH 10 01330BA9-9AFB-

vulnerability-assessment-metasploitable2_01330BA9-9AFB-5AA8-A3E2-3AB2FE216993

Vulnerability Assessment — Metasploitable 2 A end-to-end vulnerability assessment conducted against a controlled lab environment, documented in con...

N/A N/A GITHUBEXPLOIT
NONE CCBEE2BE-146B-

darknet-mcp-server_CCBEE2BE-146B-5FC0-952D-5C95B8EACFB0

English | 简体中文 | 繁體中文 | 한국어 | Deutsch | Español | Français | Italiano | Dansk | 日本語 | Polski | Русский | Bosanski | العربية | Norsk |...

N/A N/A GITHUBEXPLOIT
HIGH 8.1 C0FC9086-8648-

Exploit for CVE-2026-45156_C0FC9086-8648-5BF4-BFEE-F541B2675907

CVE-2026-45156: Nextcloud useroidc ID4me JWT Signature Bypass This repository contains the Proof of Concept PoC exploit script for CVE-2026-45156, ...

N/A N/A GITHUBEXPLOIT
NONE 1575A355-8763-

CyberSentinel-Pro-Web-Vulnerability-Scanner_1575A355-8763-5E2E-A49C-1D91E96B1054

CyberSentinel Pro CyberSentinel Pro is a web vulnerability scanner designed to help identify common security weaknesses in web applications and ser...

N/A N/A GITHUBEXPLOIT