Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

115 New today
64,174 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
13
Jun 20
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.5 CVE-2026-48909

Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4_CVE-2026-48909

SP LMS (com_splms) < 4.1.4 by JoomShaper deserializes user-controlled cookie data without validation, enabling an unauthenticated remote attacker t...

joomshaper.net SP LMS extension for Joomla 1.0.0-4.1.3 CVE
CRITICAL 10 CVE-2026-48908

Joomla Extension – joomshaper.com – Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.12_CVE-2026-48908

A vulnerability in the SP Page Builder for Joomla allows the upload of arbitrary files for unauthenticated users, ultimately resulting in PHP code ...

joomshaper.net SP Page Builder extension for Joomla 1.0.0-6.6.1 CVE
MEDIUM 5.9 CVE-2026-12673

CVE-2026-12673_CVE-2026-12673

Liquidfiles versions before 4.2.12 are affected by a broken access control vulnerability resulting in privilege escalation from an Admin in a secon...

liquidfiles liquidfiles CVE
CRITICAL 10 D4275D24-A482-

GumVulns_D4275D24-A482-561B-8402-1DE456184863

GumVulns A single-file PHP CLI that searches many vulnerability APIs in parallel and returns a normalized record for each hit: CVE id, description,...

N/A N/A GITHUBEXPLOIT
HIGH 8.6 3E4275D3-0547-

Exploit for Server-Side Request Forgery in Vercel Next.Js_3E4275D3-0547-519B-A6B4-38321844D41A

╔══════════════════════════════════════════════════════════════╗ ║ NextSSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next.js WebSocket Upgrade Handle...

N/A N/A GITHUBEXPLOIT
NONE AF15C141-8026-

sql-injection-vulnerability-scanner_AF15C141-8026-5A38-9333-A542B5316D04

...

N/A N/A GITHUBEXPLOIT
NONE WIRED:6EAA0778F...

Hackers Claim to Leak Stolen Madison Square Garden Data_WIRED:6EAA0778FAA6CAA5158FCD6DCCC93CBC

Plus: Gay bars in San Francisco using face scanners, France quits Palantir, Apple plans to change its private email and more.

N/A N/A WIRED
HIGH 7.5 THN:3C02EE8690F...

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys_THN:3C02EE8690F770FB334836241DFA97E7

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1kN23KhnFjdjHcR0i-iySK1Zv-kkApPs6yBq11670ubXx0NiAbgDMoYSfwQNyq9asso5AG9KcPRXEL4LU8...

N/A N/A THN
MEDIUM 6.5 CVE-2026-12119

Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute_CVE-2026-12119

The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' s...

eemitch Simple File List CVE