Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

60 New today
64,239 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
22
Jun 21
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-47846

CVE-2026-47846_CVE-2026-47846

Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured vi...

Bitnami bitnami/cassandra 4.0.0 CVE
MEDIUM 5.4 CVE-2026-43915

Coturn: Stored Cross-Site Scripting (XSS) in web-admin interface via TURN username_CVE-2026-43915

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting (XSS) vulnerabi...

coturn coturn < 4.11.0 CVE
HIGH 8.5 CVE-2026-25865

Punto Switcher 4.5.0.583 Unquoted Search Path via WinExec_CVE-2026-25865

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by ex...

Yandex Punto Switcher CVE
CRITICAL 9.9 CVE-2026-49252

deepstream is vulnerable to prototype pollution_CVE-2026-49252

deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are v...

deepstreamIO deepstream.io < 10.0.5 CVE
HIGH 8.3 CVE-2026-49248

OneDev: RCE through absolute-path symlink following allows low-privileged users to overwrite arbitrary server via TarUtils.untar_CVE-2026-49248

OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic links verbatim from TAR en...

theonedev onedev < 15.0.7 CVE
MEDIUM 6.1 CVE-2026-44663

OpenEXR: Integer overflow in the HTJ2K decoder leads to heap-buffer-overflow_CVE-2026-44663

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 t...

AcademySoftwareFoundation openexr >= 3.4.0, < 3.4.11 CVE
HIGH 8.1 CVE-2026-43994

Coturn: Stack buffer overflow in decode_oauth_token_gcm()_CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decode_oauth_token...

coturn coturn < 4.10.0 CVE
HIGH 8.3 CVE-2025-15661

libssh2 – Heap Buffer Over-read via sftp_symlink() in sftp.c_CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c tha...

libssh2 libssh2 CVE
CRITICAL 9.1 CVE-2026-49454

Relyra SAML SignatureValue not cryptographically verified -> authentication bypass_CVE-2026-49454

Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures beca...

szTheory relyra >= 1.0.0, < 1.2.0 CVE