Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

272 New today
66,975 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
271
Jun 30
Critical
High
Medium
Low
Latest
CVE CVSS 7.5

Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()_CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trig...

CVE-2026-14164 Red Hat Red Hat Enterprise Linux 10
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 CVE-2026-12819

DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability_CVE-2026-12819

Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticat...

deltaww DVP-12SE * CVE
CRITICAL 9.3 CVE-2026-12818

DVP-12SE Exposure of Sensitive Information Vulnerability_CVE-2026-12818

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TC...

deltaww DVP-12SE * CVE
HIGH 8 CVE-2026-12240

Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field_CVE-2026-12240

The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize func...

qlstudio Export User Data CVE
MEDIUM 6.6 CVE-2026-45822

CVE-2026-45822_CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and calls decod...

SamVerschueren decode-uri-component 0.1.0 CVE
HIGH 8.4 CVE-2026-12578

DTMSoft – Deserialization of Untrusted Data Vulnerability_CVE-2026-12578

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code.

deltaww DTMSoft * CVE
NONE H1:3832393

curl: libcurl upload read callbacks miss recursive API guard, allowing prohibited multi API reentry and ASAN-confirmed UAF_H1:3832393

## Summary: Several libcurl upload read callback paths invoke the application-provided CURLOPT_READFUNCTION without marking the easy handle as bein...

N/A N/A HACKERONE
HIGH 8.8 THN:9247B208C4F...

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs_THN:9247B208C4FFADCDFC198B9F5D16121C

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgEWbrJH-z_uAL6GFaOqplYF1ewSOBvFpaKD24W74VEBaSO-pW3sy0I0e57Bmc9yBKV4vb6zWYaVjd-oTSy2...

N/A N/A THN
NONE 37683967-95C5-

PoCE_37683967-95C5-5D47-B7AD-66112BFC2D29

POCE 1. Here we have combined all the frameworks to run in a single docker image in Combinedframeworks folder 2. If needs to run on subset, each fo...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 B98A8361-599D-

Exploit for OS Command Injection in Olivetin_B98A8361-599D-5E2B-A55A-3FCFBEC697F8

CVE-2026-27626 — OliveTin OS Command Injection PoC Summary | | | |---|---| | CVE ID | CVE-2026-27626 | | Component | OliveTin | | Vulnerability Cla...

N/A N/A GITHUBEXPLOIT