Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

288 New today
64,608 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

658
Jun 9
351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
287
Jun 22
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.1 CVE-2026-49460

pypdf: Inefficient decoding of FlateDecode PNG predictor streams_CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to lo...

py-pdf pypdf < 6.12.2 CVE
MEDIUM 5.8 CVE-2026-47242

Net::IMAP: Command Injection via ID command argument_CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAP#id is called w...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
LOW 2.1 CVE-2026-47241

Net::IMAP: Denial of Service via incomplete raw argument validation_CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
MEDIUM 5.8 CVE-2026-47240

Net::IMAP: Command Injection via non-synchronizing literal in “raw” argument_CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands ac...

ruby net-imap >= 0.6.0, < 0.6.4.1 CVE
CRITICAL 9.2 CVE-2026-45034

PhpSpreadsheet: File::prohibitWrappers bypass_CVE-2026-45034

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.5, CVE-2026-34084 was patched by the helper File::pro...

PHPOffice PhpSpreadsheet < 1.30.5 CVE
CRITICAL 9.3 CVE-2026-44727

Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP_CVE-2026-44727

Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored noteb...

jupyter-server jupyter_server < 2.20 CVE
MEDIUM 5.4 CVE-2026-41479

Authlib OAuth 2.0 authorization endpoint open redirects to attacker-controlled redirect_uri on unsupported response_type_CVE-2026-41479

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.10 and 1.7.1, Authlib's OAuth 2.0 authorization endpoint ca...

authlib authlib < 1.6.10 CVE
HIGH 7.1 CVE-2026-39904

Gophish 0.12.1 Denial of Service via Office Document Upload_CVE-2026-39904

Gophish through 0.12.1 contains a denial of service vulnerability that allows authenticated users with the User role to exhaust server memory by up...

gophish gophish CVE
MEDIUM 5.3 CVE-2026-56698

Nuxt – Cross-Site Scripting via navigateTo open Option_CVE-2026-56698

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side scr...

Nuxt Nuxt 4.0.0 CVE