Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

264 New today

64,996 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 4.4

Gstreamer1-plugins-bad: gstreamer1-plugins-bad: 1-byte heap out-of-bounds read in h.264 nal extension slice parser_CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check sl...

CVE-2026-12892 Red Hat Red Hat Enterprise Linux 10

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-12891	Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser_CVE-2026-12891 A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
HIGH 7.8	CVE-2026-12112	Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse_CVE-2026-12112 A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active ...	Red Hat	Red Hat Satellite 6	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2026-11820	Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials exposed in get url query string_CVE-2026-11820 Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: api_key and api_secret are declared no_log=Tr...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
MEDIUM 5.5	CVE-2026-11819	Community.general: community.general keyring_info — os keyring passphrase returned in plaintext_CVE-2026-11819 Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase fro...	Red Hat	Red Hat Enterprise Linux 10	Jun 23, 2026	CVE
CRITICAL 9.6	CVE-2026-11807	Eda-server: websocket missing authorization allows credential theft via activation_id spoofing_CVE-2026-11807 A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not...	Red Hat	Red Hat Ansible Automation Platform 2.5 2.5	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2025-64105	FOSSBilling: IDOR Vulnerability in Support Ticket Creation_CVE-2025-64105 FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions...	FOSSBilling	FOSSBilling >= 0.6.21, < 0.8.0	Jun 23, 2026	CVE
HIGH 10	01330BA9-9AFB-	vulnerability-assessment-metasploitable2_01330BA9-9AFB-5AA8-A3E2-3AB2FE216993 Vulnerability Assessment — Metasploitable 2 A end-to-end vulnerability assessment conducted against a controlled lab environment, documented in con...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
NONE	CCBEE2BE-146B-	darknet-mcp-server_CCBEE2BE-146B-5FC0-952D-5C95B8EACFB0 English \| 简体中文 \| 繁體中文 \| 한국어 \| Deutsch \| Español \| Français \| Italiano \| Dansk \| 日本語 \| Polski \| Русский \| Bosanski \| العربية \| Norsk \|...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
HIGH 8.1	C0FC9086-8648-	Exploit for CVE-2026-45156_C0FC9086-8648-5BF4-BFEE-F541B2675907 CVE-2026-45156: Nextcloud useroidc ID4me JWT Signature Bypass This repository contains the Proof of Concept PoC exploit script for CVE-2026-45156, ...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Gstreamer1-plugins-bad: gstreamer1-plugins-bad: 1-byte heap out-of-bounds read in h.264 nal extension slice parser_CVE-2026-12892

Recent Advisories

Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser_CVE-2026-12891

Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse_CVE-2026-12112

Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials exposed in get url query string_CVE-2026-11820

Community.general: community.general keyring_info — os keyring passphrase returned in plaintext_CVE-2026-11819

Eda-server: websocket missing authorization allows credential theft via activation_id spoofing_CVE-2026-11807

FOSSBilling: IDOR Vulnerability in Support Ticket Creation_CVE-2025-64105

vulnerability-assessment-metasploitable2_01330BA9-9AFB-5AA8-A3E2-3AB2FE216993

darknet-mcp-server_CCBEE2BE-146B-5FC0-952D-5C95B8EACFB0

Exploit for CVE-2026-45156_C0FC9086-8648-5BF4-BFEE-F541B2675907

Protect Your Attack Surface with RedGem

Security Intelligence
Feed