Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

122 New today
66,075 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
26
Jun 27
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-53577

Kestra: Cross-Execution File Read via Preview Endpoint (IDOR)_CVE-2026-53577

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint (GET /api/v1/{tena...

kestra-io kestra < 1.0.45 CVE
CRITICAL 10 CVE-2026-53576

Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass_CVE-2026-53576

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/ap...

kestra-io kestra < 1.0.45 CVE
HIGH 7.7 CVE-2026-49984

Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)_CVE-2026-49984

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-suppli...

kestra-io kestra < 1.0.45 CVE
CRITICAL 10 CVE-2026-49869

Kestra: Unauthenticated Remote Code Execution via Authentication Bypass in `AuthenticationFilter`_CVE-2026-49869

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath(...

kestra-io kestra < 1.0.45 CVE
HIGH 7.7 CVE-2026-45807

Kestra: Path traversal via URL-encoded “%2E%2E” in execution and namespace file endpoints allows arbitrary file read_CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from...

kestra-io kestra < 1.0.43 CVE
NONE MSF:EXPLOIT-WINDOWS-

Peyara Remote Mouse 1.0.1 Unauthenticated Remote Code Execution_MSF:EXPLOIT-WINDOWS-MISC-PEYARA_REMOTE_MOUSE_RCE-

This module exploits an unauthenticated remote code execution vulnerability in Peyara Remote Mouse 1.0.1. The application exposes a Socket.IO WebSo...

N/A N/A METASPLOIT
NONE THN:7E1EAC23BDB...

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys_THN:7E1EAC23BDB48712E7108993DDE56BCD

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjt2-y25_EiB31BmVQQpt9ne8mH9iPOJpYJmItVSIKGexUBmKRwzNSvDYzbVyRm9xxR6H0rE880CTv3QTblU...

N/A N/A THN
MEDIUM 6.5 MS:CVE-2026-13022

Chromium: CVE-2026-13022 Inappropriate implementation in Autofill_MS:CVE-2026-13022

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
MEDIUM 4.3 MS:CVE-2026-13021

Chromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials_MS:CVE-2026-13021

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE