Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

102 New today
64,397 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
76
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 MS:CVE-2026-12466

Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC_MS:CVE-2026-12466

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
NONE IMPERVABLOG:7EE...

On-Premises API Security on Kubernetes: What It Actually Looks Like in Practice_IMPERVABLOG:7EE2F10AC3EAE78AF944E8104F323628

## Let’s Talk About Where Your APIs Actually Run **Quick answer:** On-premises API security keeps API discovery, detection, and enforcement inside...

N/A N/A IMPERVABLOG
NONE HACKREAD:7F9E2B...

Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper_HACKREAD:7F9E2B8D9C7C3249BBB6DCA19290C526

A multi-platform malware campaign abuses fake trust signals to infect Windows and Mac users with a crypto clipper packed with 15,500 attacker wallets.

N/A N/A HACKREAD
NONE MALWAREBYTES:C4...

Document delivery scams: What are they and what’s their goal?_MALWAREBYTES:C4E6AC758E13C3CCBD3552439D46014E

One of Malwarebytes' managers recently received a call from scammers pretending to be a document delivery service. The voicemail sounded official:...

N/A N/A MALWAREBYTES
HIGH 8.8 CVE-2026-8157

Vitepos < 3.4.2 - Outlet Manager+ Privilege Escalation_CVE-2026-8157

The Vitepos WordPress plugin before 3.4.2 does not properly restrict the roles that can be assigned when creating new users via one of its REST AP...

Unknown Vitepos CVE
MEDIUM 5.3 CVE-2026-7859

Motors Car Dealership & Classified Listings < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media_CVE-2026-7859

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated...

Unknown Motors CVE
HIGH 7.1 CVE-2026-6858

Transbank Webpay < 1.14.0 - Unauthenticated Stored XSS_CVE-2026-6858

The Transbank Webpay WordPress plugin before 1.14.0 does not sanitize and escape logs to be displayed, allowing unauthenticated users to perform St...

Unknown Transbank Webpay CVE
HIGH 7.1 CVE-2026-4259

Ultimate WooCommerce Auction Pro <= 2.4.5 - Reflected XSS via uwa_manage_auctions_CVE-2026-4259

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page,...

Unknown ultimate-woocommerce-auction-pro CVE
MEDIUM 5.1 CVE-2026-12863

Open redirect_CVE-2026-12863

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains.

pretix Venueless 0.0.0 CVE