Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

299 New today
64,626 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
305
Jun 22
Jun 23
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 2.1 CVE-2026-47241

Net::IMAP: Denial of Service via incomplete raw argument validation_CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
MEDIUM 5.8 CVE-2026-47240

Net::IMAP: Command Injection via non-synchronizing literal in “raw” argument_CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
CRITICAL 9.2 CVE-2026-45034

PhpSpreadsheet: File::prohibitWrappers bypass_CVE-2026-45034

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.5, CVE-2026-34084 was patched by the helper File::pro...

PHPOffice PhpSpreadsheet < 1.30.5 CVE
CRITICAL 9.3 CVE-2026-44727

Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP_CVE-2026-44727

Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored noteb...

jupyter-server jupyter_server < 2.20 CVE
MEDIUM 5.4 CVE-2026-41479

Authlib OAuth 2.0 authorization endpoint open redirects to attacker-controlled redirect_uri on unsupported response_type_CVE-2026-41479

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.10 and 1.7.1, Authlib's OAuth 2.0 authorization endpoint ca...

authlib authlib < 1.6.10 CVE
HIGH 7.1 CVE-2026-39904

Gophish 0.12.1 Denial of Service via Office Document Upload_CVE-2026-39904

Gophish through 0.12.1 contains a denial of service vulnerability that allows authenticated users with the User role to exhaust server memory by up...

gophish gophish CVE
MEDIUM 5.3 CVE-2026-56698

Nuxt – Cross-Site Scripting via navigateTo open Option_CVE-2026-56698

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side scr...

Nuxt Nuxt 4.0.0 CVE
MEDIUM 5.3 CVE-2026-56697

Nuxt – Open Redirect via Protocol-Relative Paths in reloadNuxtApp_CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass ...

Nuxt Nuxt 4.0.0 CVE
MEDIUM 6.3 CVE-2026-56357

n8n – Webhook Forgery via Missing HMAC-SHA256 Signature Verification in GitHub Webhook Trigger_CVE-2026-56357

n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signa...

n8n n8n CVE