Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

220 New today

64,839 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

201

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 5.9

Guzzle: Silent HTTPS-Proxy Downgrade to Cleartext_CVE-2026-55568

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication credentials (the Proxy-Authorization header, proxy userinfo in the proxy URL, ...

CVE-2026-55568 guzzle guzzle < 7.12.1

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-54314	n8n: Denial of Service via ZIP decompression in webhook workflow_CVE-2026-54314 n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archi...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-54313	n8n: NoSQL Injection in MongoDB Node Find And Replace Operation_CVE-2026-54313 n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filte...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
HIGH 7.2	CVE-2026-54312	n8n: Microsoft SQL Node Prototype Pollution_CVE-2026-54312 n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achi...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
MEDIUM 6	CVE-2026-54311	n8n: Merge Node SQL Mode Prototype Pollution_CVE-2026-54311 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-54310	n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes_CVE-2026-54310 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
HIGH 8.8	CVE-2026-54309	n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoi...	n8n-io	n8n >= 2.26.0, < 2.26.2	Jun 23, 2026	CVE
MEDIUM 6.8	CVE-2026-54303	n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303 n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query par...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
HIGH 7.1	CVE-2025-62180	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain...	Pegasystems	Pega Infinity 8.3.0	Jun 23, 2026	CVE
LOW 3.5	CVE-2025-15619	HCL Connections is vulnerable to broken access control_CVE-2025-15619 HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.	HCLSoftware	Connections 7.0, 8.0	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Guzzle: Silent HTTPS-Proxy Downgrade to Cleartext_CVE-2026-55568

Recent Advisories

n8n: Denial of Service via ZIP decompression in webhook workflow_CVE-2026-54314

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation_CVE-2026-54313

n8n: Microsoft SQL Node Prototype Pollution_CVE-2026-54312

n8n: Merge Node SQL Mode Prototype Pollution_CVE-2026-54311

n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes_CVE-2026-54310

n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309

n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180

HCL Connections is vulnerable to broken access control_CVE-2025-15619

Protect Your Attack Surface with RedGem

Security Intelligence
Feed