Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

220 New today
64,839 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
201
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.8 CVE-2026-7842

Infility Global < 2.15.20 - Editor+ SQL Injection via orderby Parameter_CVE-2026-7842

The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in...

Unknown Infility Global CVE
HIGH 7.2 CVE-2026-56784

OpenRemote Manager – Cross-Tenant IDOR in Bulk Alarm Deletion_CVE-2026-56784

OpenRemote Manager before 1.24.2 contains an insecure direct object reference vulnerability in the removeAlarms() method that allows authenticated ...

openremote openremote CVE
MEDIUM 6.9 CVE-2026-56762

Hono – Missing Cookie Name Validation in setCookie()_CVE-2026-56762

Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing inv...

Hono Hono CVE
HIGH 7.1 CVE-2026-56701

Grav – XML External Entity Injection via SVG Upload_CVE-2026-56701

Grav before 2.0.0-beta.2 contains an XML external entity injection vulnerability in SVG file upload processing that allows authenticated attackers ...

Grav Grav CVE
MEDIUM 6.3 CVE-2026-56376

ImageMagick – Heap Use-After-Free in Meta Coder_CVE-2026-56376

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written ...

ImageMagick ImageMagick CVE
HIGH 8.7 CVE-2026-56322

Capgo – Information Disclosure via Unauthenticated /updates defaultChannel Parameter_CVE-2026-56322

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /updates endpoint that resolves the defaultChannel pa...

Capgo Capgo CVE
CRITICAL 9.3 CVE-2026-56315

picklescan – Remote Code Execution via Unblocked Standard Library Modules_CVE-2026-56315

picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_support, _aix_support, _pyrepl.pager, a...

picklescan picklescan CVE
MEDIUM 6.8 CVE-2026-56301

Nuxt – Arbitrary File Read via World-Connectable vite-node IPC Socket on Linux_CVE-2026-56301

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server (nuxt dev) on Linux, binds the vite-node IPC server to an abs...

Nuxt Nuxt 4.0.0 CVE
MEDIUM 6 CVE-2026-56275

Flowise – Server-Side Request Forgery via Execute Flow Base URL_CVE-2026-56275

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validat...

Flowise Flowise CVE