Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

66 New today
64,356 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
35
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.7 CVE-2026-48984

pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap_CVE-2026-48984

pam_usb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree() memory release helper i...

mcdope pam_usb < 0.9.2 CVE
MEDIUM 5.3 CVE-2026-9692

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely_CVE-2026-9692

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 h...

HAYAJO Mojolicious::Sessions::Storable CVE
MEDIUM 6.7 CVE-2026-55392

NILFS utilities – Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size_CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid() function fails to validate s_log_block_size field in NILFS2 superblock ...

nilfs-dev nilfs-utils CVE
MEDIUM 5.3 CVE-2026-48937

CVE-2026-48937_CVE-2026-48937

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two su...

nodejs node 22.22.3 CVE
MEDIUM 6.1 CVE-2026-47833

CVE-2026-47833_CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bp...

Cloud Foundry Foundation bpm-release CVE
HIGH 7.5 PACKETSTORM:223805

📄 WordPress Contest Gallery 28.1.4 SQL Injection_PACKETSTORM:223805

WordPress Contest Gallery plugin version 28.1.4 unauthenticated blind SQL Injection exploit written in Python3...

N/A N/A PACKETSTORM
NONE 0CF22E77-69CF-

SQL-Injection_0CF22E77-69CF-5381-99B9-FA46DAC954C6

SQL-Injection This project, developed in VS Code using JavaScript Node.js, demonstrates the mechanics and remediation of SQL Injection SQLi. It fea...

N/A N/A GITHUBEXPLOIT
NONE F5663BA3-FD03-

NextJS-Middleware-Bypass-PoC_F5663BA3-FD03-5E91-BE24-0C0702FCE22F

MCID15795619: Next.js Middleware Bypass PoC Executive Summary This repository contains the technical details and Proof of Concept PoC for a High-Se...

N/A N/A GITHUBEXPLOIT
HIGH 8.4 CVE-2026-12390

Access of resource using incompatible type (‘type confusion’) in AzeoTech DAQFactory_CVE-2026-12390

In AzeoTech DAQFactory versions 21.1 and prior, a Type Confusion vulnerability can be exploited by an attacker using specially crafted .ctl files w...

AzeoTech DAQFactory CVE