Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

288 New today
64,608 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
287
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-50168

Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass_CVE-2026-50168

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-rc.2 CVE
LOW 3.2 CVE-2026-49356

Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core_CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a so...

babel babel >= 8.0.0-alpha.0, < 8.0.0-rc.5 CVE
HIGH 7.5 CVE-2026-48712

protobufjs: Denial of service through unbounded Any expansion during JSON conversion_CVE-2026-48712

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.6.1 and 8.4.1, protobufjs could recurse without a depth limit w...

protobufjs protobuf.js < 7.6.1 CVE
HIGH 8.8 CVE-2026-46417

Angular: SSRF via Hostname Hijacking in @angular/platform-server_CVE-2026-46417

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0...

angular angular >= 22.0.0-next.0, < 22.0.0-next.12 CVE
HIGH 7.5 CVE-2026-42127

Grafana pre-auth DoS through arbitrarily large input to public dashboard query handler_CVE-2026-42127

The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive mem...

Grafana Grafana Enterprise CVE
HIGH 8.3 CVE-2026-12249

Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment_CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services (AD CS) certificate auto...

N/A N/A 0.13.0 CVE
MEDIUM 4.8 CVE-2026-11994

Akaunting 3.1.21 – Authenticated stored XSS in report description rendering_CVE-2026-11994

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to c...

Akaunting Akaunting 3.1.21 CVE
CRITICAL 9.6 CVE-2026-10789

MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop_CVE-2026-10789

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerabili...

Autodesk Fusion 2703.1.11 CVE
NONE D6FF95FF-AB43-

Exploit for CVE-2026-39031_D6FF95FF-AB43-5C20-B2BF-73B8488C5B3D

cve-2026-39031-lansweeper-lsrunase2-lsencrypt2 CVE-2026-39031 — offline plaintext password recovery for Lansweeper lsrunase 2.0 / lsencrypt 2.0 via...

N/A N/A GITHUBEXPLOIT