Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

55 New today

64,223 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

Jun 21

Critical

High

Medium

Low

Latest

CVE CVSS 9.5

Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909

SP LMS (com_splms) < 4.1.4 by JoomShaper deserializes user-controlled cookie data without validation, enabling an unauthenticated remote attacker to execute arbitrary code on the server.

CVE-2026-48909 joomshaper.net SP LMS extension for Joomla 1.0.0-4.1.3

Jun 20, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	CVE-2026-48908	Joomla Extension – joomshaper.com – Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.12_CVE-2026-48908 A vulnerability in the SP Page Builder for Joomla allows the upload of arbitrary files for unauthenticated users, ultimately resulting in PHP code ...	joomshaper.net	SP Page Builder extension for Joomla 1.0.0-6.6.1	Jun 20, 2026	CVE
MEDIUM 5.9	CVE-2026-12673	CVE-2026-12673_CVE-2026-12673 Liquidfiles versions before 4.2.12 are affected by a broken access control vulnerability resulting in privilege escalation from an Admin in a secon...	liquidfiles	liquidfiles	Jun 20, 2026	CVE
CRITICAL 10	D4275D24-A482-	GumVulns_D4275D24-A482-561B-8402-1DE456184863 GumVulns A single-file PHP CLI that searches many vulnerability APIs in parallel and returns a normalized record for each hit: CVE id, description,...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
HIGH 8.6	3E4275D3-0547-	Exploit for Server-Side Request Forgery in Vercel Next.Js_3E4275D3-0547-519B-A6B4-38321844D41A ╔══════════════════════════════════════════════════════════════╗ ║ NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handle...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	AF15C141-8026-	sql-injection-vulnerability-scanner_AF15C141-8026-5A38-9333-A542B5316D04 ...	N/A	N/A	Jun 20, 2026	GITHUBEXPLOIT
NONE	WIRED:6EAA0778F...	Hackers Claim to Leak Stolen Madison Square Garden Data_WIRED:6EAA0778FAA6CAA5158FCD6DCCC93CBC Plus: Gay bars in San Francisco using face scanners, France quits Palantir, Apple plans to change its private email and more.	N/A	N/A	Jun 20, 2026	WIRED
HIGH 7.5	THN:3C02EE8690F...	Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys_THN:3C02EE8690F770FB334836241DFA97E7 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1kN23KhnFjdjHcR0i-iySK1Zv-kkApPs6yBq11670ubXx0NiAbgDMoYSfwQNyq9asso5AG9KcPRXEL4LU8...	N/A	N/A	Jun 20, 2026	THN
MEDIUM 6.5	CVE-2026-12119	Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119 The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' s...	eemitch	Simple File List	Jun 20, 2026	CVE
HIGH 7.5	CVE-2026-11912	Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action_CVE-2026-11912 The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up ...	eemitch	Simple File List	Jun 20, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909

Recent Advisories

Joomla Extension – joomshaper.com – Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.12_CVE-2026-48908

CVE-2026-12673_CVE-2026-12673

GumVulns_D4275D24-A482-561B-8402-1DE456184863

Exploit for Server-Side Request Forgery in Vercel Next.Js_3E4275D3-0547-519B-A6B4-38321844D41A

sql-injection-vulnerability-scanner_AF15C141-8026-5A38-9333-A542B5316D04

Hackers Claim to Leak Stolen Madison Square Garden Data_WIRED:6EAA0778FAA6CAA5158FCD6DCCC93CBC

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys_THN:3C02EE8690F770FB334836241DFA97E7

Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119

Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action_CVE-2026-11912

Protect Your Attack Surface with RedGem

Security Intelligence
Feed