Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

328 New today

65,671 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 4.8

pnpm: Tarball hash of GitHub git dependencies is not stored in lockfile_CVE-2026-48995

pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. The lockfile does not store the hash of the dependencies from https://codeload.github.com. Th...

CVE-2026-48995 pnpm pnpm < 10.33.4

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.8	CVE-2026-47770	jq: stack overflow in deep structural equality_CVE-2026-47770 jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on j...	jqlang	jq < 1.8.2	Jun 25, 2026	CVE
HIGH 8.2	CVE-2026-11999	X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()_CVE-2026-11999 X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only ...	wolfSSL	wolfSSL 5.7.4	Jun 25, 2026	CVE
CRITICAL 10	CVE-2026-57700	WordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Upload vulnerability_CVE-2026-57700 Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from...	Daan.dev	OMGF Pro n/a	Jun 25, 2026	CVE
HIGH 7	CVE-2026-56790	CANBoat – Off-by-One Global Buffer Overflow in searchForPgn()_CVE-2026-56790 CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that ...	canboat	canboat	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56789	RTKLIB 2.4.3 – Heap Buffer Overflow and Stack Read via Oversized RINEX Epoch Satellite Count_CVE-2026-56789 RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memo...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE
MEDIUM 4.8	CVE-2026-56788	RTKLIB 2.4.3 – Out-of-bounds Read via Negative Array Index in getcodepri_CVE-2026-56788 RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allo...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE
MEDIUM 6.9	CVE-2026-56787	RTKLIB 2.4.3 – Off-by-One Out-of-Bounds Read in decode_ssr3 via RTCM3 SSR Message_CVE-2026-56787 RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote att...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-56786	RTKLIB 2.4.3 – Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message_CVE-2026-56786 RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination b...	tomojitakasu	RTKLIB	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-56779	MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters_CVE-2026-56779 MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to m...	1Panel-dev	MaxKB	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

pnpm: Tarball hash of GitHub git dependencies is not stored in lockfile_CVE-2026-48995

Recent Advisories

jq: stack overflow in deep structural equality_CVE-2026-47770

X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()_CVE-2026-11999

WordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Upload vulnerability_CVE-2026-57700

CANBoat – Off-by-One Global Buffer Overflow in searchForPgn()_CVE-2026-56790

RTKLIB 2.4.3 – Heap Buffer Overflow and Stack Read via Oversized RINEX Epoch Satellite Count_CVE-2026-56789

RTKLIB 2.4.3 – Out-of-bounds Read via Negative Array Index in getcodepri_CVE-2026-56788

RTKLIB 2.4.3 – Off-by-One Out-of-Bounds Read in decode_ssr3 via RTCM3 SSR Message_CVE-2026-56787

RTKLIB 2.4.3 – Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message_CVE-2026-56786

MaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url Parameters_CVE-2026-56779

Protect Your Attack Surface with RedGem

Security Intelligence
Feed