Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

272 New today
66,975 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
271
Jun 30
Critical
High
Medium
Low
Latest
CVE CVSS 4.4

Editorial Rating <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Link URL' Field_CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authe...

CVE-2026-12560 wpqode Editorial Rating – Product Review & Rating System
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 9A0091F4-6679-

Exploit for CVE-2026-43700_9A0091F4-6679-565C-8F3F-7D6907959F22

CVE-2026-43700 WebKit WebGPU importExternalTexture cross-domain information leakage. Safari: Red/Green/Blue/White – Fixed issue = 26.5.2: PATCHED i...

N/A N/A GITHUBEXPLOIT
NONE 4AD76066-A087-

Stored-XSS-leading-to-Remote-Code-Execution-Vulnerability-in-gpu-jupyter-_4AD76066-A087-5285-97B9-4D3DEED95B77

Stored XSS leading to Remote Code Execution Vulnerability in gpu-jupyter A stored cross-site scripting XSS vulnerability leading to remote code exe...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 54FD57FA-4F05-

Exploit for Prototype Pollution in N8N_54FD57FA-4F05-5BF3-A823-C8F345BE77D5

CVE-2026-44789 — n8n HTTP Request Node Pagination Prototype Pollution → RCE An authenticated n8n in the n8n server process through the HTTP Request...

N/A N/A GITHUBEXPLOIT
HIGH 7.5 CVE-2026-12243

Path Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()_CVE-2026-12243

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in ...

nltk nltk/nltk unspecified CVE
HIGH 8.4 CVE-2026-58302

CVE-2026-58302_CVE-2026-58302

rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via d...

LinuxCNC LinuxCNC CVE
NONE WIRED:9AB3DD2ED...

Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs_WIRED:9AB3DD2ED75ACDEE876552BBEA9C220C

Hundreds of contractors working on a project for Meta pretended to be kids in order to see how other chatbots like Gemini and ChatGPT would respond...

N/A N/A WIRED
CRITICAL 9.8 0E8262F5-24FF-

Exploit for Injection in Arjunsharda Searchor_0E8262F5-24FF-5B7F-A10A-2834068BE447

No description provided...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.2 CVE-2026-10648

NULL-pointer dereference in MCUmgr serial/console SMP transport on buffer-pool exhaustion_CVE-2026-10648

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before che...

zephyrproject zephyr 4.4.0 CVE
HIGH 7.8 217E804A-7275-

Exploit for CVE-2026-46331_217E804A-7275-5DD0-8E73-C1B32AE8550D

cve-2026-46331-audit Read-only audit script for CVE-2026-46331 a.k.a. pedit COW — a partial copy-on-write bug in the Linux kernel's net/sched actpe...

N/A N/A GITHUBEXPLOIT