Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

234 New today

65,696 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 5.7

Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename_CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when deleting a local file from the browser. A filename derived from...

CVE-2026-55895 vim vim < 9.2.0663

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.5	CVE-2026-55892	Vim: Out-of-bounds Write in Spell File Prefix Dump_CVE-2026-55892 Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iter...	vim	vim < 9.2.0662	Jun 25, 2026	CVE
MEDIUM 5.7	CVE-2026-55693	Vim: Out-of-bounds Write in Spell File Word Count_CVE-2026-55693 Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fiel...	vim	vim < 9.2.0653	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-55477	Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation_CVE-2026-55477 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functiona...	MHSanaei	3x-ui < 3.3.1	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-54036	LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification_CVE-2026-54036 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called...	danny-avila	LibreChat < 0.8.4-rc1	Jun 25, 2026	CVE
MEDIUM 6.7	CVE-2026-4522	CVE-2026-4522_CVE-2026-4522 Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYP...	HYPR	Passwordless	Jun 25, 2026	CVE
HIGH 7.5	616C2155-98D5-	Exploit for Classic Buffer Overflow in Qualcomm Apq8097_Firmware_616C2155-98D5-5316-BB35-BF924B098C71 Katana A BootROM exploit for Qualcomm devices released within 2016 til 2019. Brief Explanation of the Exploit With the MSM8998 Nazgul SoC, the comm...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	HACKREAD:30D641...	Suspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil_HACKREAD:30D64137BBAEF523BEACA95B9C593977 Brazil’s alert system was taken offline after a fake emergency alert reached phones, with officials investigating a suspected cyberattack and secur...	N/A	N/A	Jun 25, 2026	HACKREAD
NONE	AKAMAIBLOG:897F...	Linode Interfaces and Default Firewall Now Generally Available_AKAMAIBLOG:897F576B3A37AEC3F67BFBDDBAA22474 {“lastseen”:”2026-06-25T13:36:50″,”description”:””,”published”:”2026-06-25T12:00:...	N/A	N/A	Jun 25, 2026	AKAMAIBLOG
NONE	AKAMAIBLOG:86E7...	Your AI Cost Model Stops at the Token Price. The Bill Doesn’t._AKAMAIBLOG:86E718C1FDCAE676A8C175C07AA31106 Your AI cost model stops at the token price, but the bill doesn't. Discover why almost 80% of production AI spend sits in inference and how to opti...	N/A	N/A	Jun 25, 2026	AKAMAIBLOG

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename_CVE-2026-55895

Recent Advisories

Vim: Out-of-bounds Write in Spell File Prefix Dump_CVE-2026-55892

Vim: Out-of-bounds Write in Spell File Word Count_CVE-2026-55693

Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation_CVE-2026-55477

LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification_CVE-2026-54036

CVE-2026-4522_CVE-2026-4522

Exploit for Classic Buffer Overflow in Qualcomm Apq8097_Firmware_616C2155-98D5-5316-BB35-BF924B098C71

Suspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil_HACKREAD:30D64137BBAEF523BEACA95B9C593977

Linode Interfaces and Default Firewall Now Generally Available_AKAMAIBLOG:897F576B3A37AEC3F67BFBDDBAA22474

Your AI Cost Model Stops at the Token Price. The Bill Doesn’t._AKAMAIBLOG:86E718C1FDCAE676A8C175C07AA31106

Protect Your Attack Surface with RedGem

Security Intelligence
Feed