Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

207 New today
66,902 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
198
Jun 30
Critical
High
Medium
Low
Latest
CVE CVSS 8

Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field_CVE-2026-12240

The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize function in all versions up to, and including, 2.2.6. This makes it possible for authenticated attackers, with subscriber-level access...

CVE-2026-12240 qlstudio Export User Data
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.6 CVE-2026-45822

CVE-2026-45822_CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and calls decod...

SamVerschueren decode-uri-component 0.1.0 CVE
HIGH 8.4 CVE-2026-12578

DTMSoft – Deserialization of Untrusted Data Vulnerability_CVE-2026-12578

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code.

deltaww DTMSoft * CVE
NONE H1:3832393

curl: libcurl upload read callbacks miss recursive API guard, allowing prohibited multi API reentry and ASAN-confirmed UAF_H1:3832393

## Summary: Several libcurl upload read callback paths invoke the application-provided CURLOPT_READFUNCTION without marking the easy handle as bein...

N/A N/A HACKERONE
HIGH 8.8 THN:9247B208C4F...

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs_THN:9247B208C4FFADCDFC198B9F5D16121C

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgEWbrJH-z_uAL6GFaOqplYF1ewSOBvFpaKD24W74VEBaSO-pW3sy0I0e57Bmc9yBKV4vb6zWYaVjd-oTSy2...

N/A N/A THN
NONE 37683967-95C5-

PoCE_37683967-95C5-5D47-B7AD-66112BFC2D29

POCE 1. Here we have combined all the frameworks to run in a single docker image in Combinedframeworks folder 2. If needs to run on subset, each fo...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.9 B98A8361-599D-

Exploit for OS Command Injection in Olivetin_B98A8361-599D-5E2B-A55A-3FCFBEC697F8

CVE-2026-27626 — OliveTin OS Command Injection PoC Summary | | | |---|---| | CVE ID | CVE-2026-27626 | | Component | OliveTin | | Vulnerability Cla...

N/A N/A GITHUBEXPLOIT
HIGH 7 CVE-2026-46309

drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise_CVE-2026-46309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise Add v...

Linux Linux ada7486c5668db542a7d361268df931aca5b726a CVE
HIGH 7 CVE-2026-53059

dm log: fix out-of-bounds write due to region_count overflow_CVE-2026-53059

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to region_count overflow The local variab...

Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 CVE
HIGH 7 CVE-2026-52972

crypto: af_alg – Cap AEAD AD length to 0x80000000_CVE-2026-52972

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Cap AEAD AD length to 0x80000000 In order to prevent arithme...

Linux Linux 400c40cf78da00c16e561a3a253ca272455c42ef CVE