Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

327 New today

65,672 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 7.5

net: Maliciously fragmented IPv6 packets can prevent receiving/processing future incoming packets_CVE-2026-13351

Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer (al...

CVE-2026-13351 zephyrproject-rtos Zephyr *

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2026-13350	CVE-2026-13350_CVE-2026-13350 Permissions where checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.	pretix	Venueless 0.0.0	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-6291	Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption_CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When decrypting PKCS#7 EnvelopedData using RSA PKCS#1 v1.5 key transport, wolfSSL returned...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-6094	Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData_CVE-2026-6094 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-su...	wolfSSL	wolfSSL 5.8.0	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-6091	Partial-chain verification accepts untrusted intermediate as trust anchor_CVE-2026-6091 Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a truste...	wolfSSL	wolfSSL 5.7.4	Jun 25, 2026	CVE
LOW 2	CVE-2026-55967	AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuse_CVE-2026-55967 AES-GCM encryption/decryption with extremely large cumulative single message sizes (>64 GiB) were not properly rejected by the streaming APIs, allo...	wolfSSL	wolfSSL 4.8.0	Jun 25, 2026	CVE
HIGH 8.2	CVE-2026-55961	wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer_CVE-2026-55961 wolfSSL_PKCS7_verify() returning success for a degenerate (certs-only) PKCS#7 object that contains no signer. Such an object has empty signerInfos,...	wolfSSL	wolfSSL 3.15.7	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-55700	pnpm: stage download writes outside destination via manifest version traversal_CVE-2026-55700 pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and versi...	pnpm	pnpm >= 11.3.0, < 11.5.3	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-55699	pnpm: reserved bin name deletes PNPM_HOME during global remove_CVE-2026-55699 pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as "", ".", and ".." passed pnpm's bin-name guard. When a mal...	pnpm	pnpm < 10.34.2	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-55698	pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes_CVE-2026-55698 pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can persist package-manager bootstrap metadata in the first YAML document of pnpm-lock...	pnpm	pnpm < 10.34.2	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

net: Maliciously fragmented IPv6 packets can prevent receiving/processing future incoming packets_CVE-2026-13351

Recent Advisories

CVE-2026-13350_CVE-2026-13350

Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption_CVE-2026-6291

Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData_CVE-2026-6094

Partial-chain verification accepts untrusted intermediate as trust anchor_CVE-2026-6091

AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuse_CVE-2026-55967

wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer_CVE-2026-55961

pnpm: stage download writes outside destination via manifest version traversal_CVE-2026-55700

pnpm: reserved bin name deletes PNPM_HOME during global remove_CVE-2026-55699

pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes_CVE-2026-55698

Protect Your Attack Surface with RedGem

Security Intelligence
Feed