Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

307 New today

65,584 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

297

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 7.1

Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint_CVE-2026-57520

Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attack...

CVE-2026-57520 bitwarden server

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.3	CVE-2026-55964	Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)_CVE-2026-55964 Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usag...	wolfSSL	wolfSSL 5.7.4	Jun 25, 2026	CVE
HIGH 8.2	CVE-2026-55960	Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation_CVE-2026-55960 Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so Pa...	wolfSSL	wolfSSL 5.6.4	Jun 25, 2026	CVE
HIGH 8.3	CVE-2026-55958	Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage_CVE-2026-55958 Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG...	wolfSSL	wolfSSL 5.4.0	Jun 25, 2026	CVE
MEDIUM 4.2	CVE-2026-2299	Improper Access Control in Mattermost Google Drive Plugin File Creation Endpoint_CVE-2026-2299 The Mattermost Google Drive plugin before version 1.1.0 fails to validate channel membership in the file creation endpoint, allowing authenticated ...	Mattermost	Mattermost Google Drive Plugin	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-12340	Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation_CVE-2026-12340 Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Id...	wolfSSL	wolfSSL 5.6.4	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-11310	X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring_CVE-2026-11310 X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-ope...	wolfSSL	wolfSSL 5.8.4	Jun 25, 2026	CVE
MEDIUM 6.3	CVE-2026-10592	Wildcard DNS SAN bypasses CA name-constraint checks_CVE-2026-10592 Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be r...	wolfSSL	wolfSSL 3.9.10	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-7531	Use-after-free in PQC hybrid key-share handling_CVE-2026-7531 Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 serv...	wolfSSL	wolfSSL 5.8.0	Jun 25, 2026	CVE
LOW 2.3	CVE-2026-10512	X25519 x86_64 assembly final reduction leaves non-canonical field element_CVE-2026-10512 The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may no...	wolfSSL	wolfSSL 5.6.4	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Bitwarden Server < 2026.5.0 Privilege Escalation via Bulk User Remove Endpoint_CVE-2026-57520

Recent Advisories

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)_CVE-2026-55964

Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation_CVE-2026-55960

Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage_CVE-2026-55958

Improper Access Control in Mattermost Google Drive Plugin File Creation Endpoint_CVE-2026-2299

Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation_CVE-2026-12340

X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring_CVE-2026-11310

Wildcard DNS SAN bypasses CA name-constraint checks_CVE-2026-10592

Use-after-free in PQC hybrid key-share handling_CVE-2026-7531

X25519 x86_64 assembly final reduction leaves non-canonical field element_CVE-2026-10512

Protect Your Attack Surface with RedGem

Security Intelligence
Feed