Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

58 New today

66,078 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

Critical

High

Medium

Low

Latest

CVE CVSS 1

CRL critical extension bypass in ParseCRL_Extensions_CVE-2026-6450

A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a truste...

CVE-2026-6450 wolfSSL wolfSSL 4.3.0

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2026-6412	Continued acceptance of SHA-1/MD5 digests in certificate processing_CVE-2026-6412 Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56445	pydicom pynetdicom Library Path Traversal_CVE-2026-56445 The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitizat...	pydicom	pynetdicom Library 1.0.0	Jun 25, 2026	CVE
HIGH 8.3	CVE-2026-12473	OHIF Viewers DICOM Server-Side request forgery_CVE-2026-12473 Two data sources (DICOMWebProxy and DICOMJSON) shipped in the default configuration fetch an arbitrary URL parameter without validation. A global a...	Open Health Imaging Foundation (OHIF)	DICOM Web Viewer Framework	Jun 25, 2026	CVE
MEDIUM 5.9	CVE-2026-8720	HMAC-BLAKE2 final discards message when key length exceeds block size_CVE-2026-8720 wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of ...	wolfSSL	wolfSSL 5.9.0	Jun 25, 2026	CVE
LOW 2.1	CVE-2026-6331	HMAC zero-length tag forgery in EVP_DigestVerifyFinal_CVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-...	wolfSSL	wolfSSL 3.15.5	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-6330	ML-KEM ARM64 NEON ciphertext comparison only compares half of the input_CVE-2026-6330 The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weake...	wolfSSL	wolfSSL 5.7.4	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-6329	PKCS#12 MAC verification uses attacker-controlled comparison length_CVE-2026-6329 PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to b...	wolfSSL	wolfSSL 3.10.0	Jun 25, 2026	CVE
LOW 2	CVE-2026-6325	Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list_CVE-2026-6325 Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destina...	wolfSSL	wolfSSL 4.8.0	Jun 25, 2026	CVE
LOW 2.1	CVE-2026-6092	Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured_CVE-2026-6092 When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.	wolfSSL	wolfSSL 5.2.0	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CRL critical extension bypass in ParseCRL_Extensions_CVE-2026-6450

Recent Advisories

Continued acceptance of SHA-1/MD5 digests in certificate processing_CVE-2026-6412

pydicom pynetdicom Library Path Traversal_CVE-2026-56445

OHIF Viewers DICOM Server-Side request forgery_CVE-2026-12473

HMAC-BLAKE2 final discards message when key length exceeds block size_CVE-2026-8720

HMAC zero-length tag forgery in EVP_DigestVerifyFinal_CVE-2026-6331

ML-KEM ARM64 NEON ciphertext comparison only compares half of the input_CVE-2026-6330

PKCS#12 MAC verification uses attacker-controlled comparison length_CVE-2026-6329

Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list_CVE-2026-6325

Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured_CVE-2026-6092

Protect Your Attack Surface with RedGem

Security Intelligence
Feed