Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

364 New today

66,027 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

364

Jun 26

Jun 27

Critical

High

Medium

Low

Latest

CVE CVSS 8.7

Flowise – Arbitrary File Read via chatId Parameter_CVE-2025-71324

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup...

CVE-2025-71324 Flowise Flowise

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.1	CVE-2026-40080	Cacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirect_CVE-2026-40080 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring c...	Cacti	cacti < 1.2.31	Jun 25, 2026	CVE
HIGH 8.8	25DE60F3-D53C-	Exploit for Path Traversal in Tp-Link Tapo_C260_Firmware_25DE60F3-D53C-5F5C-9C45-E27FA387E1AA Tapo C260 RCE Chain CVE-2026-0651 / CVE-2026-0652 / CVE-2026-0653 Proof-of-concept exploit chain for TP-Link Tapo C260 IP camera achieving unauthen...	N/A	N/A	Jun 25, 2026	GITHUBEXPLOIT
NONE	MSF:POST-WINDOWS-	SMB to Meterpreter Upgrade via PsExec_MSF:POST-WINDOWS-MANAGE-SMB_TO_METERPRETER- Upgrades an authenticated SMB session to a Meterpreter session using PsExec techniques. This module uploads a service-wrapped executable payload to...	N/A	N/A	Jun 25, 2026	METASPLOIT
CRITICAL 10	MSF:EXPLOIT-LINUX-	Dalfox Found-Action Deserialization RCE_MSF:EXPLOIT-LINUX-HTTP-DALFOX_SERVER_RCE_CVE_2026_45087- When dalfox version use exploit/linux/http/dalfoxserverrcecve202645087 msf exploitdalfoxserverrcecve202645087 show targets ...targets... msf exploi...	N/A	N/A	Jun 25, 2026	METASPLOIT
NONE	MALWAREBYTES:A9...	Beware of “Parcel Expert” job offers: They’re parcel mule scams_MALWAREBYTES:A9E730320780F4A3D2DE63A112ACB6A1 A parcel mule scam, also called a reshipping scam, is a fake job offer designed to recruit people into handling stolen goods. It usually starts wi...	N/A	N/A	Jun 25, 2026	MALWAREBYTES
NONE	AKAMAIBLOG:42B0...	The New MCP Specification: What Security Teams Must Prepare For_AKAMAIBLOG:42B057EBF443141EEE80952C4A297138 {“lastseen”:”2026-06-25T19:36:50″,”description”:””,”published”:”2026-06-25T16:00:...	N/A	N/A	Jun 25, 2026	AKAMAIBLOG
HIGH 7.5	CVE-2025-61021	CVE-2025-61021_CVE-2025-61021 An issue in the sqlo_natural_join_cond component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via cr...	n/a	n/a n/a	Jun 23, 2026	CVE
HIGH 7.5	CVE-2025-61019	CVE-2025-61019_CVE-2025-61019 An issue in the sqlo_key_part_best component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafte...	n/a	n/a n/a	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-48946	Joomla Extension – getk2.com – Privileged RCE vulnerability in K2 extension for Joomla < 2.26_CVE-2026-48946 The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes...	getk2.com	K2 extension for Joomla 1.0-2.26	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Flowise – Arbitrary File Read via chatId Parameter_CVE-2025-71324

Recent Advisories

Cacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirect_CVE-2026-40080

Exploit for Path Traversal in Tp-Link Tapo_C260_Firmware_25DE60F3-D53C-5F5C-9C45-E27FA387E1AA

SMB to Meterpreter Upgrade via PsExec_MSF:POST-WINDOWS-MANAGE-SMB_TO_METERPRETER-

Dalfox Found-Action Deserialization RCE_MSF:EXPLOIT-LINUX-HTTP-DALFOX_SERVER_RCE_CVE_2026_45087-

Beware of “Parcel Expert” job offers: They’re parcel mule scams_MALWAREBYTES:A9E730320780F4A3D2DE63A112ACB6A1

The New MCP Specification: What Security Teams Must Prepare For_AKAMAIBLOG:42B057EBF443141EEE80952C4A297138

CVE-2025-61021_CVE-2025-61021

CVE-2025-61019_CVE-2025-61019

Joomla Extension – getk2.com – Privileged RCE vulnerability in K2 extension for Joomla < 2.26_CVE-2026-48946

Protect Your Attack Surface with RedGem

Security Intelligence
Feed