Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

295 New today

64,616 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

295

Jun 22

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 7.7

GPU DDK – _MMU_AllocLevel error recovery paths leave dangling page table entries_CVE-2026-34192

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an err...

CVE-2026-34192 Imagination Technologies Graphics DDK 1.18 RTM

Jun 19, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.1	CVE-2026-55443	LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders_CVE-2026-55443 LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem pat...	langchain-ai	langchain < 1.3.9	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-54300	@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config_CVE-2026-54300 @astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify conver...	withastro	astro < 7.0.13	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-54299	Astro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)_CVE-2026-54299 Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages (/404 or /500 using export const prerender = true) fetch thos...	withastro	astro < 6.4.6	Jun 22, 2026	CVE
MEDIUM 4.2	CVE-2026-54298	Astro: XSS via Unescaped Attribute Names in Spread Props_CVE-2026-54298 Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and pas...	withastro	astro < 6.4.6	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-54293	NLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read_CVE-2026-54293 NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural L...	nltk	nltk < 3.10.0-rc1	Jun 22, 2026	CVE
MEDIUM 6.5	CVE-2026-54288	Hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`_CVE-2026-54288 Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, the Body Limit Middleware trusts the reques...	honojs	hono < 4.12.25	Jun 22, 2026	CVE
HIGH 8.7	CVE-2026-53779	WebP Server Go < 0.15.0 Path Traversal via Backslash Encoding on Windows_CVE-2026-53779 WebP Server Go through 0.14.4 contains a path traversal vulnerability on Windows that allows unauthenticated attackers to read files outside the co...	webp-sh	webp_server_go	Jun 22, 2026	CVE
LOW 3.1	CVE-2026-53663	React Router: `handleDocumentRequest` CSRF check covers `POST` only; PUT/PATCH/DELETE bypass_CVE-2026-53663 React Router is a router for React. From 7.12.0 until 7.15.1, certain CSRF checks in React Router v7 Framework Mode were insufficient and run on PO...	remix-run	react-router >= 7.12.0, < 7.15.1	Jun 22, 2026	CVE
HIGH 7.1	CVE-2026-50146	Astro: Reflected XSS via unescaped slot name_CVE-2026-50146 Astro is a web framework. Prior to 6.3.3, when a component uses a client:* directive, Astro inserts named slot content into a data-astro-template a...	withastro	astro < 6.3.3	Jun 22, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

GPU DDK – _MMU_AllocLevel error recovery paths leave dangling page table entries_CVE-2026-34192

Recent Advisories

LangChain: Path traversal and sandbox escape in LangChain file-search middleware and loaders_CVE-2026-55443

@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config_CVE-2026-54300

Astro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)_CVE-2026-54299

Astro: XSS via Unescaped Attribute Names in Spread Props_CVE-2026-54298

NLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read_CVE-2026-54293

Hono: Body Limit Middleware can be bypassed on AWS Lambda by understating `Content-Length`_CVE-2026-54288

WebP Server Go < 0.15.0 Path Traversal via Backslash Encoding on Windows_CVE-2026-53779

React Router: `handleDocumentRequest` CSRF check covers `POST` only; PUT/PATCH/DELETE bypass_CVE-2026-53663

Astro: Reflected XSS via unescaped slot name_CVE-2026-50146

Protect Your Attack Surface with RedGem

Security Intelligence
Feed