Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

224 New today

65,343 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 8.3

CVE-2026-13025_CVE-2026-13025

Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CVE-2026-13025 Google Chrome 149.0.7827.197

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.2	CVE-2026-13024	CVE-2026-13024_CVE-2026-13024 Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the...	Google	Chrome 149.0.7827.197	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-13023	CVE-2026-13023_CVE-2026-13023 Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain pote...	Google	Chrome 149.0.7827.197	Jun 24, 2026	CVE
MEDIUM 4.3	CVE-2026-13021	CVE-2026-13021_CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same ori...	Google	Chrome 149.0.7827.197	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2025-60471	CVE-2025-60471_CVE-2025-60471 A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows at...	n/a	n/a n/a	Jun 24, 2026	CVE
HIGH 7.6	CVE-2026-55583	Twenty: Cross-workspace IDOR in AgentTurnResolver_CVE-2026-55583 Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direc...	twentyhq	twenty < 2.9.0	Jun 24, 2026	CVE
MEDIUM 6.5	CVE-2026-48028	Mastodon: Removal of integrity-protected JSON entries from signed activities_CVE-2026-48028 Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, Mastodon's normalization of incomi...	mastodon	mastodon >= 4.5.0-beta.1, < 4.5.10	Jun 24, 2026	CVE
HIGH 8.6	CVE-2026-47389	Mastodon: SSRF protection bypass on older Ruby versions_CVE-2026-47389 Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older tha...	mastodon	mastodon >= 4.5.0-beta.1, < 4.5.10	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-46349	Mastodon: LD-Signature Bypass via JSON-LD Named-Graph Restructuring_CVE-2026-46349 Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, Mastodon's normalization of incomi...	mastodon	mastodon >= 4.5.0-beta.1, < 4.5.10	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-46348	Mastodon: SSRF Bypass via IPv6 Unspecified Address (::)_CVE-2026-46348 Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, the list of disallowed IP address ...	mastodon	mastodon >= 4.5.0-beta.1, < 4.5.10	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-13025_CVE-2026-13025

Recent Advisories

CVE-2026-13024_CVE-2026-13024

CVE-2026-13023_CVE-2026-13023

CVE-2026-13021_CVE-2026-13021

CVE-2025-60471_CVE-2025-60471

Twenty: Cross-workspace IDOR in AgentTurnResolver_CVE-2026-55583

Mastodon: Removal of integrity-protected JSON entries from signed activities_CVE-2026-48028

Mastodon: SSRF protection bypass on older Ruby versions_CVE-2026-47389

Mastodon: LD-Signature Bypass via JSON-LD Named-Graph Restructuring_CVE-2026-46349

Mastodon: SSRF Bypass via IPv6 Unspecified Address (::)_CVE-2026-46348

Protect Your Attack Surface with RedGem

Security Intelligence
Feed