Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

286 New today
64,930 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
292
Jun 23
Jun 24
Critical
High
Medium
Low
Latest
CVE CVSS 7.7

Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org’s roles_CVE-2026-54322

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organization role update and delete endpoints authorized the caller as an owner of the organization named in the request path, but resolved a...

CVE-2026-54322 daytonaio daytona < 0.185.0
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7 CVE-2026-54321

Daytona: Public sandbox previews remain accessible for up to one hour after being made private_CVE-2026-54321

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox pre...

daytonaio daytona >= 0.101.0, < 0.184.0 CVE
HIGH 8.4 CVE-2026-54320

Daytona: Cross-tenant organization takeover via invitation acceptance with an unverified email_CVE-2026-54320

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitati...

daytonaio daytona < 0.184.0 CVE
MEDIUM 4.2 CVE-2026-54319

Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape_CVE-2026-54319

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume refere...

daytonaio daytona < 0.186 CVE
HIGH 8.6 CVE-2026-53755

Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check_CVE-2026-53755

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the craw...

unclecode crawl4ai < 0.8.9 CVE
HIGH 7.5 CVE-2026-53754

Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)_CVE-2026-53754

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / vali...

unclecode crawl4ai < 0.8.8 CVE
CRITICAL 9.8 CVE-2026-53753

Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain – Pre-Auth RCE in Docker API_CVE-2026-53753

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature ...

unclecode crawl4ai < 0.8.7 CVE
MEDIUM 5.9 CVE-2026-54762

Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails_CVE-2026-54762

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes I...

traefik traefik >= 3.7.0-ea.1, < 3.7.5 CVE
MEDIUM 6 CVE-2026-54761

Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services_CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gatew...

traefik traefik < 3.6.21 CVE
HIGH 7.8 CVE-2026-54555

rtk: Permission-gate bypass in rtk rewrite auto-allow via unsplit shell separators_CVE-2026-54555

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively spli...

rtk-ai rtk < 0.42.2 CVE