Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

43 New today
64,242 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
25
Jun 21
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-48089

DevGuard has improper authorization on public assets_CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public a...

l3montree-dev devguard < 1.4.2 CVE
HIGH 7.5 CVE-2026-50559

Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559

Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....

quarkusio quarkus >= 3.36.0, < 3.36.3 CVE
HIGH 7.1 CVE-2026-49346

libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow_CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and...

strukturag libde265 < 1.1.0 CVE
MEDIUM 4.3 CVE-2026-49337

libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`_CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes `decoder_...

strukturag libde265 < 1.0.20 CVE
HIGH 7.1 CVE-2026-49295

libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS_CVE-2026-49295

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds a...

strukturag libde265 < 1.0.20 CVE
LOW 1.3 CVE-2026-48794

Authelia has an Edge Case Access Control Rule Mismatch_CVE-2026-48794

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...

authelia authelia >= 4.36.0, < 4.39.20 CVE
MEDIUM 6.5 CVE-2026-48129

Kestra task inputFiles accepts traversal filenames for worker file writes_CVE-2026-48129

Kestra is an open-source, event-driven orchestration platform. Prior to versions 1.3.19, 1.2.19, 1.1.19, and 1.0.43, Kestra task `inputFiles` write...

kestra-io kestra < 1.0.43 CVE
LOW 2.9 CVE-2026-47203

Authelia Missing Username Canonicalization in Basic Auth (LDAP)_CVE-2026-47203

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications vi...

authelia authelia >= 4.38.0, < 4.39.20 CVE
MEDIUM 6.5 CVE-2026-50519

Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability_CVE-2026-50519

{“lastseen”:””,”description”:””,”published”:”2026-06-19T20:28:35.395Z”,&#82...

Microsoft GitHub Copilot Chat 1.0.0 CVE