Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

161 New today
65,709 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
46
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-57451

Vim: Out-of-bounds Read in Text Property Count_CVE-2026-57451

Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline ...

vim vim < 9.2.0670 CVE
LOW 2.2 CVE-2026-57438

Nokogiri: Possible Use-After-Free in XInclude Processing_CVE-2026-57438

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XM...

sparklemotion nokogiri < 1.19.4 CVE
MEDIUM 5.7 CVE-2026-55895

Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename_CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ...

vim vim < 9.2.0663 CVE
MEDIUM 5.5 CVE-2026-55892

Vim: Out-of-bounds Write in Spell File Prefix Dump_CVE-2026-55892

Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iter...

vim vim < 9.2.0662 CVE
MEDIUM 5.7 CVE-2026-55693

Vim: Out-of-bounds Write in Spell File Word Count_CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fiel...

vim vim < 9.2.0653 CVE
HIGH 7.2 CVE-2026-55477

Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation_CVE-2026-55477

3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functiona...

MHSanaei 3x-ui < 3.3.1 CVE
MEDIUM 5.3 CVE-2026-54036

LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification_CVE-2026-54036

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called...

danny-avila LibreChat < 0.8.4-rc1 CVE
MEDIUM 6.7 CVE-2026-4522

CVE-2026-4522_CVE-2026-4522

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYP...

HYPR Passwordless CVE
HIGH 7.5 616C2155-98D5-

Exploit for Classic Buffer Overflow in Qualcomm Apq8097_Firmware_616C2155-98D5-5316-BB35-BF924B098C71

Katana A BootROM exploit for Qualcomm devices released within 2016 til 2019. Brief Explanation of the Exploit With the MSM8998 Nazgul SoC, the comm...

N/A N/A GITHUBEXPLOIT