Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

285 New today

64,923 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

285

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 8.8

n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any we...

CVE-2026-54309 n8n-io n8n >= 2.26.0, < 2.26.2

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.8	CVE-2026-54303	n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303 n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query par...	n8n-io	n8n < 2.24.0	Jun 23, 2026	CVE
HIGH 7.1	CVE-2025-62180	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain...	Pegasystems	Pega Infinity 8.3.0	Jun 23, 2026	CVE
LOW 3.5	CVE-2025-15619	HCL Connections is vulnerable to broken access control_CVE-2025-15619 HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.	HCLSoftware	Connections 7.0, 8.0	Jun 23, 2026	CVE
CRITICAL 9.8	TRENDMICROBLOG:...	From Langflow to Monero: Inside CVE-2026-33017 Cryptominer_TRENDMICROBLOG:D6D82F6102E243699FEABC242F869EE4 We tracked a cryptocurrency-mining campaign exploiting CVE-2026-33017, which revealed how threat actors are now scanning exposed AI application inf...	N/A	N/A	Jun 23, 2026	TRENDMICROBLOG
NONE	HACKREAD:A41968...	New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto_HACKREAD:A419683ACF762DB1E281C5DEA5248AF1 Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addres...	N/A	N/A	Jun 23, 2026	HACKREAD
NONE	MALWAREBYTES:32...	Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 Meta has paused a controversial employee‑tracking program after an internal security review found that highly granular keystroke and screen‑capture...	N/A	N/A	Jun 23, 2026	MALWAREBYTES
NONE	AKAMAIBLOG:F7FF...	AI Reconnaissance: The Missing Layer in Chatbot Security_AKAMAIBLOG:F7FF735B9CED18324CEDEF05F2700342 {“lastseen”:”2026-06-23T13:36:50″,”description”:””,”published”:”2026-06-23T15:00:...	N/A	N/A	Jun 23, 2026	AKAMAIBLOG
NONE	DBE8424D-F85A-	Web-Attack-Investigator_DBE8424D-F85A-5901-8C17-A6A967AC334B Web Attack Investigator Ferramenta de investigação de ataques web desenvolvida em Python para análise de logs Apache/Nginx, identificação de indica...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
MEDIUM 5.5	4E361A66-0287-	Exploit for Path Traversal in Microsoft_4E361A66-0287-5D9D-9DA5-91D2EF34D2CB 🛡️ NimbusPWN-CVE-2022-29799-29800 - Test local privilege escalation security flaws 📖 About this tool This software helps security researchers stud...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions_CVE-2026-54309

Recent Advisories

n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints_CVE-2026-54303

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs._CVE-2025-62180

HCL Connections is vulnerable to broken access control_CVE-2025-15619

From Langflow to Monero: Inside CVE-2026-33017 Cryptominer_TRENDMICROBLOG:D6D82F6102E243699FEABC242F869EE4

New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto_HACKREAD:A419683ACF762DB1E281C5DEA5248AF1

Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613

AI Reconnaissance: The Missing Layer in Chatbot Security_AKAMAIBLOG:F7FF735B9CED18324CEDEF05F2700342

Web-Attack-Investigator_DBE8424D-F85A-5901-8C17-A6A967AC334B

Exploit for Path Traversal in Microsoft_4E361A66-0287-5D9D-9DA5-91D2EF34D2CB

Protect Your Attack Surface with RedGem

Security Intelligence
Feed