Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

307 New today
65,584 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
297
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.4 CVE-2026-50014

pnpm: Git Fetch Argument Injection via Lockfile resolution.commit_CVE-2026-50014

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- s...

pnpm pnpm < 10.33.4 CVE
HIGH 7.1 CVE-2026-49839

jq –rawfile invalid-state reuse after String too long causes heap-buffer-overflow_CVE-2026-49839

jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` can turn a handled oversized-string error into invalid-state reuse and a real h...

jqlang jq < 1.8.2 CVE
MEDIUM 4.8 CVE-2026-48995

pnpm: Tarball hash of GitHub git dependencies is not stored in lockfile_CVE-2026-48995

pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will in...

pnpm pnpm < 10.33.4 CVE
MEDIUM 6.8 CVE-2026-47770

jq: stack overflow in deep structural equality_CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on j...

jqlang jq < 1.8.2 CVE
HIGH 8.2 CVE-2026-11999

X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()_CVE-2026-11999

X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only ...

wolfSSL wolfSSL 5.7.4 CVE
CRITICAL 10 CVE-2026-57700

WordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Upload vulnerability_CVE-2026-57700

Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from...

Daan.dev OMGF Pro n/a CVE
HIGH 7 CVE-2026-56790

CANBoat – Off-by-One Global Buffer Overflow in searchForPgn()_CVE-2026-56790

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that ...

canboat canboat CVE
HIGH 7.1 CVE-2026-56789

RTKLIB 2.4.3 – Heap Buffer Overflow and Stack Read via Oversized RINEX Epoch Satellite Count_CVE-2026-56789

RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memo...

tomojitakasu RTKLIB CVE
MEDIUM 4.8 CVE-2026-56788

RTKLIB 2.4.3 – Out-of-bounds Read via Negative Array Index in getcodepri_CVE-2026-56788

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allo...

tomojitakasu RTKLIB CVE