Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

296 New today

65,460 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

173

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 9.9

SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content_CVE-2026-50551

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan contains a stored cross-site scripting (XSS) vulnerability in the Attribute View (database) asset cell renderer that escalates to remote code execution (RCE) in the Electron desktop client. T...

CVE-2026-50551 siyuan-note siyuan < 3.7.0

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.9	CVE-2026-50189	Appsmith: RCE via Supervisord XML-RPC Admin Interface Exposed via /supervisor Caddy Route_CVE-2026-50189 Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, Appsmith's bundled supervisord exposes an XML-RPC inter...	appsmithorg	appsmith < 2.1	Jun 24, 2026	CVE
HIGH 7.1	CVE-2026-47110	Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute_CVE-2026-47110 Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by ...	ueberdosis	tiptap-php	Jun 24, 2026	CVE
MEDIUM 6.5	CVE-2026-10642	Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control_CVE-2026-10642 The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable() that repeatedly invokes the...	zephyrproject	zephyr 4.1.0	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-10043	MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043 MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbi...	MosaicML	Composer 0.32.1	Jun 24, 2026	CVE
CRITICAL 9.1	75711BFE-8B18-	Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2 CVE-2026-56111 - Marlin M421 Out-of-bounds Write Proof of concept for CVE-2026-56111, an out-of-bounds write in the M421 G-code handler of Marlin F...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.1	MSF:AUXILIARY-SCANNER-	Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS- This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its ...	N/A	N/A	Jun 24, 2026	METASPLOIT
CRITICAL 9.8	MSF:AUXILIARY-SCANNER-	BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI- This module detects BerriAI LiteLLM proxy servers affected by CVE-2026-42208, an unauthenticated SQL injection. During API-key verification the pro...	N/A	N/A	Jun 24, 2026	METASPLOIT
HIGH 8.8	MALWAREBYTES:EC...	PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066 A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have dis...	N/A	N/A	Jun 24, 2026	MALWAREBYTES
NONE	MSSECURE:3B070B...	CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767 Cloud security is shifting from visibility to context-aware risk reduction, helping security teams understand which exposures matter most, prioriti...	N/A	N/A	Jun 24, 2026	MSSECURE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content_CVE-2026-50551

Recent Advisories

Appsmith: RCE via Supervisord XML-RPC Admin Interface Exposed via /supervisor Caddy Route_CVE-2026-50189

Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute_CVE-2026-47110

Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control_CVE-2026-10642

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043

Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2

Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS-

BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI-

PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066

CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767

Protect Your Attack Surface with RedGem

Security Intelligence
Feed