Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

163 New today

65,709 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 2

Apache Shiro: Remember-me cookie isn’t checked for expiry on the server_CVE-2026-56130

"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed. This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and 3.0...

CVE-2026-56130 Apache Software Foundation Apache Shiro 1.2.4

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.2	CVE-2026-56091	Apache Shiro: Authentication bypass in Guice-Web integration_CVE-2026-56091 When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. ...	Apache Software Foundation	Apache Shiro	Jun 25, 2026	CVE
MEDIUM 6.4	CVE-2026-54226	Apache Kvrocks: RESTORE IntSet Integer Overflow Leads to Remote DoS_CVE-2026-54226 A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. Users are recommended to upgrade to version 2.16...	Apache Software Foundation	Apache Kvrocks 2.6.0	Jun 25, 2026	CVE
CRITICAL 10	CVE-2026-46752	Apache Kvrocks: Stack buffer overflow in Lua bit.tohex()_CVE-2026-46752 Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are...	Apache Software Foundation	Apache Kvrocks 2.0.4	Jun 25, 2026	CVE
MEDIUM 5.5	CVE-2026-46751	Apache Kvrocks: Does not remove the unsafe loadstring function from its Lua sandbox, allowing a user who can run EVAL scripts to load crafted, unvalidated bytecode that crashes the server process, resulting in a remote denial of service._CVE-2026-46751 A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. Users are recommended to upgrade to version 2.16...	Apache Software Foundation	Apache Kvrocks 2.2.0	Jun 25, 2026	CVE
LOW 2.4	CVE-2026-45188	Apache Kvrocks: Replication Fullsync Path Traversal via Unvalidated Filename Handling_CVE-2026-45188 Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to u...	Apache Software Foundation	Apache Kvrocks 1.0.0	Jun 25, 2026	CVE
CRITICAL 9.4	CVE-2026-41566	Apache Kvrocks: Improper permission for the APPLYBATCH command_CVE-2026-41566 Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are ...	Apache Software Foundation	Apache Kvrocks 2.8.0	Jun 25, 2026	CVE
CRITICAL 10	6FF93997-10DF-	Log4Shell-Minecraft-Server_6FF93997-10DF-5D5F-9AC2-DE93E4033318 Java Unmarshaller Security - Turning your data into code execution If you came here for Log4Shell/CVE-2021-44228, you may want to read about the ex...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	CE9791CB-E538-	termux-tx_CE9791CB-E538-5D96-BCA4-69E71F34733F TX — Termux eXecutive 🚀 Advanced Cybersecurity CLI Tool for Termux & Linux Automation · OSINT · Scanning · Exploitation · Anonymity · System Power...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
HIGH 8.3	73783F01-78D6-	Exploit for CVE-2025-2783_73783F01-78D6-58A5-911B-7B0E41D2725E CVE 2025-2783+CVE-2025-6554 fullchain Date: 2026/01/26 English Description of files: - rce.html: CVE-2025-6554 exp - exploit.dll: CVE-2025-2783 exp...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Apache Shiro: Remember-me cookie isn’t checked for expiry on the server_CVE-2026-56130

Recent Advisories

Apache Shiro: Authentication bypass in Guice-Web integration_CVE-2026-56091

Apache Kvrocks: RESTORE IntSet Integer Overflow Leads to Remote DoS_CVE-2026-54226

Apache Kvrocks: Stack buffer overflow in Lua bit.tohex()_CVE-2026-46752

Apache Kvrocks: Does not remove the unsafe loadstring function from its Lua sandbox, allowing a user who can run EVAL scripts to load crafted, unvalidated bytecode that crashes the server process, resulting in a remote denial of service._CVE-2026-46751

Apache Kvrocks: Replication Fullsync Path Traversal via Unvalidated Filename Handling_CVE-2026-45188

Apache Kvrocks: Improper permission for the APPLYBATCH command_CVE-2026-41566

Log4Shell-Minecraft-Server_6FF93997-10DF-5D5F-9AC2-DE93E4033318

termux-tx_CE9791CB-E538-5D96-BCA4-69E71F34733F

Exploit for CVE-2025-2783_73783F01-78D6-58A5-911B-7B0E41D2725E

Protect Your Attack Surface with RedGem

Security Intelligence
Feed