Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

293 New today

64,984 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 9.1

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12486

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. `libNetSetObj.so`...

CVE-2026-12486 GeoVision Inc. GV-I/O Box 4E V2.09

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 10	CVE-2026-12485	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12485 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-3652	ARForms <= 7.1.3 - Unauthenticated Stored Cross-Site Scripting via 'value' Parameter_CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value` parameter of the `arf_save_incomplete_form_data` AJAX...	n/a	ARforms	Jun 24, 2026	CVE
MEDIUM 6.4	CVE-2026-11614	Xpro Addons <= 1.7.2 - Authenticated (Author+) Stored Cross-Site Scripting via 'custom_attributes' Parameter of Multiple Widgets_CVE-2026-11614 The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attributes' paramete...	xpro	Xpro Addons — 140+ Widgets for Elementor	Jun 24, 2026	CVE
MEDIUM 6.7	37C50661-A878-	kev-investigator_37C50661-A878-507B-9377-0F99874BB5CE KEV Investigator An automated investigation draft generator for CISA's Known Exploited Vulnerabilities KEV catalog — built to remove the repetitive...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	EECE9D9F-6DA3-	Exploit for Path Traversal in Apache Http_Server_EECE9D9F-6DA3-5669-A840-4B74F51D2FBB CVE-2021-42013 — PoC: Path Traversal + RCE via modcgi bypass de parche Solo para uso en entornos controlados y propios. No usar contra sistemas sin...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
HIGH 8.9	CVE-2026-12681	CVE-2026-12681_CVE-2026-12681 Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does not advan...	Google	go-attestation	Jun 24, 2026	CVE
HIGH 8.7	CVE-2026-7574	Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use_CVE-2026-7574 Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) val...	Anthropic	Claude Desktop Cowork 1.1348.0	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-6458	AES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is Empty_CVE-2026-6458 Missing cryptographic step in Caliptra Core Firmware (aes_256_gcm_update module) results in an incorrect GCM authentication tag. When the streaming...	Caliptra	Core Runtime Firmware 2.0.0	Jun 23, 2026	CVE
HIGH 7.2	CVE-2026-5818	MCU Firmware Update Authentication Bypass on Caliptra Core_CVE-2026-5818 Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of Caliptra Cor...	Caliptra	Core Runtime Firmware 2.0.0	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12486

Recent Advisories

GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12485

ARForms <= 7.1.3 - Unauthenticated Stored Cross-Site Scripting via 'value' Parameter_CVE-2026-3652

Xpro Addons <= 1.7.2 - Authenticated (Author+) Stored Cross-Site Scripting via 'custom_attributes' Parameter of Multiple Widgets_CVE-2026-11614

kev-investigator_37C50661-A878-507B-9377-0F99874BB5CE

Exploit for Path Traversal in Apache Http_Server_EECE9D9F-6DA3-5669-A840-4B74F51D2FBB

CVE-2026-12681_CVE-2026-12681

Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use_CVE-2026-7574

AES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is Empty_CVE-2026-6458

MCU Firmware Update Authentication Bypass on Caliptra Core_CVE-2026-5818

Protect Your Attack Surface with RedGem

Security Intelligence
Feed