Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

308 New today
65,585 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
298
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-56787

RTKLIB 2.4.3 – Off-by-One Out-of-Bounds Read in decode_ssr3 via RTCM3 SSR Message_CVE-2026-56787

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote att...

tomojitakasu RTKLIB CVE
CRITICAL 9.3 CVE-2026-56786

RTKLIB 2.4.3 – Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message_CVE-2026-56786

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination b...

tomojitakasu RTKLIB CVE
MEDIUM 5.3 CVE-2026-56779

MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters_CVE-2026-56779

MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to m...

1Panel-dev MaxKB CVE
MEDIUM 5.3 CVE-2026-56774

Kanboard – Cross-User Deletion of Persistent Login Sessions via Unvalidated Session ID_CVE-2026-56774

Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to...

kanboard kanboard CVE
MEDIUM 5.3 CVE-2026-56772

NewsBlur < 14.5.0 - Insecure Direct Object Reference in Social Interactions Endpoint_CVE-2026-56772

NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplyi...

samuelclay NewsBlur CVE
MEDIUM 6.3 CVE-2026-56771

NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint_CVE-2026-56771

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the add_url endpoint that allows authenticated users to make...

samuelclay NewsBlur CVE
HIGH 8.7 CVE-2026-56770

libais 0.15 – Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID_CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range ...

schwehr libais CVE
MEDIUM 6.3 CVE-2026-56769

Huly Platform – Server-Side Request Forgery via /import Endpoint_CVE-2026-56769

Huly Platform before commit 68cbf8a contains an authenticated server-side request forgery vulnerability in the /import endpoint of front pod that a...

hcengineering platform CVE
HIGH 8.7 CVE-2026-56768

Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method_CVE-2026-56768

Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass au...

haiwen seahub CVE