Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

54 New today
64,199 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

32
Jun 7
255
Jun 8
658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
38
Jun 20
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-49344

Mercator has a Personal Identifiable Information Leak from Query Executor feature_CVE-2026-49344

Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, Mercator's Query Engine (`/...

sourcentis mercator < 2025.05.19 CVE
MEDIUM 5.3 CVE-2026-49342

YARD static cache reads raw traversal paths before router sanitization_CVE-2026-49342

YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path...

lsegal yard < 0.9.44 CVE
HIGH 7.4 CVE-2026-48787

gin-vue-admin vulnerable to RCE_CVE-2026-48787

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature ...

flipped-aurora gin-vue-admin = 2.9.1 CVE
HIGH 7.5 CVE-2026-48774

ProxySQL MCP run_sql_readonly executes side-effecting MySQL multi-statements despite read-only contract_CVE-2026-48774

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP `run_sql_readonly` tool v...

sysown proxysql >= 3.0.6, < 3.0.9 CVE
CRITICAL 9.8 CVE-2026-48773

ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling_CVE-2026-48773

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption ...

sysown proxysql >= 2.0.18, < 3.0.9 CVE
CRITICAL 10 CVE-2026-48772

ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL_CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the `PROXY...

sysown proxysql >= 2.0.0, < 3.0.9 CVE
HIGH 7.7 CVE-2026-48715

radvdump’s Route Information Option Parser has a Stack Buffer Overflow_CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow ...

radvd-project radvdump < 2.21 CVE
HIGH 7.1 CVE-2026-48089

DevGuard has improper authorization on public assets_CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public a...

l3montree-dev devguard < 1.4.2 CVE
HIGH 7.5 CVE-2026-50559

Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities_CVE-2026-50559

Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20....

quarkusio quarkus >= 3.36.0, < 3.36.3 CVE