Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

243 New today
65,336 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
49
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-46349

Mastodon: LD-Signature Bypass via JSON-LD Named-Graph Restructuring_CVE-2026-46349

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, Mastodon's normalization of incomi...

mastodon mastodon >= 4.5.0-beta.1, < 4.5.10 CVE
HIGH 8.7 CVE-2026-46348

Mastodon: SSRF Bypass via IPv6 Unspecified Address (::)_CVE-2026-46348

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, the list of disallowed IP address ...

mastodon mastodon >= 4.5.0-beta.1, < 4.5.10 CVE
HIGH 7.1 CVE-2026-27708

FOSSBilling: IDOR in Servicecustom Client API allows cross-client data access_CVE-2026-27708

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's __call method ...

FOSSBilling FOSSBilling < 0.8.0 CVE
HIGH 8 CVE-2026-23879

py7zr: Arbitrary File Write Vulnerability_CVE-2026-23879

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below...

miurahr py7zr < 1.1.3 CVE
NONE 40F18FB2-8F72-

AttackGraph_40F18FB2-8F72-57E1-B69E-6FC9A3A864D9

AttackGraph AI AttackGraph AI is an AI-powered application security platform that aggregates findings from multiple security tools, correlates rela...

N/A N/A GITHUBEXPLOIT
NONE FAF88B42-E4E8-

ritesh-security-check_FAF88B42-E4E8-5324-9F0C-4D51FA034454

Ritesh Security Check A portable security-audit ruleset for AI-generated / "vibe-coded" apps Next.js, React, Vite, Supabase, Firebase. It's a do/do...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 CVE-2026-0126

CVE-2026-0126_CVE-2026-0126

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional exe...

Google Android Android kernel CVE
HIGH 8.6 CVE-2026-49269

CVE-2026-49269_CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU re...

Apple Apple M1 GPU Legacy CVE
LOW 2.1 CVE-2026-54906

concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption_CVE-2026-54906

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLock#release_write_lock does not verify that the calli...

ruby-concurrency concurrent-ruby < 1.3.7 CVE