Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

183 New today

66,758 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away_CVE-2026-13593

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace.

CVE-2026-13593 GTERMARS CSS::Minifier::XS

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-41896	Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret_CVE-2026-41896 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the ap...	coollabsio	coolify < 4.0.0-beta.474	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-34597	Coolify: Authenticated Host RCE_CVE-2026-34597 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticat...	coollabsio	coolify < 4.0.0-beta.470	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-34594	Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management_CVE-2026-34594 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated comma...	coollabsio	coolify < 4.0.0-beta.471	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-57997	Strapi users-permissions – JWT Algorithm Confusion via Missing Algorithm Configuration_CVE-2026-57997 Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicitly configured, allowin...	strapi	strapi	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-34592	Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure_CVE-2026-34592 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and pro...	coollabsio	coolify < 4.0.0-beta.471	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-10647	Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure_CVE-2026-10647 The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() in its ethernet transmit c...	zephyrproject	zephyr 4.1.0	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-8023	Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023 Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYS...	zephyrproject	zephyr 4.0.0	Jun 29, 2026	CVE
HIGH 8.1	CVE-2026-7656	Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expr...	zephyrproject	zephyr 1.14.0	Jun 29, 2026	CVE
CRITICAL 10	745E87EB-2F7B-	Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D CVE-2026-53753 — Crawl4AI Unauthenticated Remote Code Execution AST Sandbox Escape Pre-authentication RCE in Crawl4AI expression evaluator safeeval...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away_CVE-2026-13593

Recent Advisories

Coolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null Secret_CVE-2026-41896

Coolify: Authenticated Host RCE_CVE-2026-34597

Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management_CVE-2026-34594

Strapi users-permissions – JWT Algorithm Confusion via Missing Algorithm Configuration_CVE-2026-57997

Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure_CVE-2026-34592

Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure_CVE-2026-10647

Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read_CVE-2026-8023

Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack_CVE-2026-7656

Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_745E87EB-2F7B-5DE3-8689-0B856028F54D

Protect Your Attack Surface with RedGem

Security Intelligence
Feed