Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

289 New today
64,604 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
283
Jun 22
Critical
High
Medium
Low
Latest
CVE CVSS 7.5

http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`_CVE-2026-55603

http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 until 3.0.7 and 4.1.1, fixRequestBody() is the library's documented helper for re-emitting a request body that was already consumed by a body parser. When the outgoing Content-Type is multipart/form-data, it re...

CVE-2026-55603 chimurai http-proxy-middleware >= 3.0.4, < 3.0.7
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.8 CVE-2026-55599

phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access_CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 cer...

phpseclib phpseclib >= 0.1.1, < 1.0.30 CVE
MEDIUM 6.9 CVE-2026-54651

pypdf: Possible infinite loop when processing threads/articles in writer_CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.1 CVE
MEDIUM 6.9 CVE-2026-54531

pypdf: Possible infinite loop when processing outlines/bookmarks in writer_CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.0 CVE
MEDIUM 6.9 CVE-2026-54530

pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction_CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an...

py-pdf pypdf < 6.13.0 CVE
CRITICAL 9.5 CVE-2026-49468

LiteLLM: Authentication Bypass via Host Header Injection_CVE-2026-49468

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

BerriAI litellm < 1.84.0 CVE
MEDIUM 6.9 CVE-2026-49461

pypdf: Possible large memory usage for form XObjects during text extraction_CVE-2026-49461

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to la...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.1 CVE-2026-49460

pypdf: Inefficient decoding of FlateDecode PNG predictor streams_CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to lo...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.8 CVE-2026-47242

Net::IMAP: Command Injection via ID command argument_CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAP#id is called w...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
LOW 2.1 CVE-2026-47241

Net::IMAP: Denial of Service via incomplete raw argument validation_CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE