Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

66,777 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 8.4

acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions_CVE-2026-54369

acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows local attackers to escalate privileges by replacing any pathname component with...

CVE-2026-54369 acl project acl

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.2	CVE-2026-40524	FrontAccounting < 2.4.20 SQL Injection via get_gl_transactions()_CVE-2026-40524 FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the get_gl_transactions() function where the filter_type parameter is conca...	FrontAccounting	FrontAccounting	Jun 29, 2026	CVE
HIGH 7.2	CVE-2026-40523	FrontAccounting < 2.4.20 SQL Injection via reporting/rep710.php_CVE-2026-40523 FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SA_...	FrontAccounting	FrontAccounting	Jun 29, 2026	CVE
HIGH 7.1	CVE-2026-40522	FrontAccounting < 2.4.20 SQL Injection via rep601.php_CVE-2026-40522 FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Bank Statement report handler that allows authenticated attackers to ex...	FrontAccounting	FrontAccounting	Jun 29, 2026	CVE
HIGH 8.7	CVE-2026-40521	FrontAccounting < 2.4.20 Path Traversal RCE via attachment upload_CVE-2026-40521 FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execu...	FrontAccounting	FrontAccounting	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-13676	fast-uri vulnerable to host confusion via failed IDN canonicalization_CVE-2026-13676 fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode (IDN) hostnames for HTTP-family URLs. The IDN conversion path calls a ...	fast-uri	fast-uri 4.0.0	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-13570	SourceCodester Inventory Management System User Registration Endpoint users_handler.php cross site scripting_CVE-2026-13570 A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/users_handler.php ...	SourceCodester	Inventory Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-13569	weng-xianhu EyouCMS API index.php sql injection_CVE-2026-13569 A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of...	weng-xianhu	EyouCMS 1.7.0	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13568	SourceCodester Inventory Management System User Registration Endpoint users_handler.php access control_CVE-2026-13568 A weakness has been identified in SourceCodester Inventory Management System 1.0. This vulnerability affects unknown code of the file /api/users_ha...	SourceCodester	Inventory Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13567	code-projects Online Music Site POST Request Feedback.php cross site scripting_CVE-2026-13567 A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the ...	code-projects	Online Music Site 1.0	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions_CVE-2026-54369

Recent Advisories

FrontAccounting < 2.4.20 SQL Injection via get_gl_transactions()_CVE-2026-40524

FrontAccounting < 2.4.20 SQL Injection via reporting/rep710.php_CVE-2026-40523

FrontAccounting < 2.4.20 SQL Injection via rep601.php_CVE-2026-40522

FrontAccounting < 2.4.20 Path Traversal RCE via attachment upload_CVE-2026-40521

fast-uri vulnerable to host confusion via failed IDN canonicalization_CVE-2026-13676

SourceCodester Inventory Management System User Registration Endpoint users_handler.php cross site scripting_CVE-2026-13570

weng-xianhu EyouCMS API index.php sql injection_CVE-2026-13569

SourceCodester Inventory Management System User Registration Endpoint users_handler.php access control_CVE-2026-13568

code-projects Online Music Site POST Request Feedback.php cross site scripting_CVE-2026-13567

Protect Your Attack Surface with RedGem

Security Intelligence
Feed