Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

294 New today

64,985 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 6.3

jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()_CVE-2026-50193

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if (and only if) the service reads deeply nested (1000s of ...

CVE-2026-50193 FasterXML jackson-databind >= 2.10.0, < 2.14.0

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-47382	NocoDB: Server-Side Request Forgery via Database Connection Host_CVE-2026-47382 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-sup...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-47380	NocoDB: User Enumeration via Sign-In Timing_CVE-2026-47380 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, sign-in response timing differed between known and unknown email add...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE
MEDIUM 6.9	CVE-2026-47378	NocoDB: Hidden Column Exposure in Public Shared View Endpoints_CVE-2026-47378 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the vi...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-47377	NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin_CVE-2026-47377 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace()...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-47376	NocoDB: Reflected Cross-Site Scripting via Password Reset Token_CVE-2026-47376 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL token directly into a JavaS...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE
MEDIUM 6	CVE-2026-47375	NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`_CVE-2026-47375 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd permission on a Postgres-backed...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE
MEDIUM 6.9	CVE-2026-47279	NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints_CVE-2026-47279 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the public shared-view relation endpoints accepted a caller-supplied...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
LOW 2.3	CVE-2026-46554	NocoDB: Stale Auth Cache After API Token Deletion_CVE-2026-46554 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their ca...	nocodb	nocodb < 2026.04.4	Jun 23, 2026	CVE
LOW 2.1	CVE-2026-46553	NocoDB: Attachment Size Limit Bypass via Upload-by-URL_CVE-2026-46553 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC_ATTACHMENT_FIELD_SIZE agai...	nocodb	nocodb < 2026.04.1	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()_CVE-2026-50193

Recent Advisories

NocoDB: Server-Side Request Forgery via Database Connection Host_CVE-2026-47382

NocoDB: User Enumeration via Sign-In Timing_CVE-2026-47380

NocoDB: Hidden Column Exposure in Public Shared View Endpoints_CVE-2026-47378

NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin_CVE-2026-47377

NocoDB: Reflected Cross-Site Scripting via Password Reset Token_CVE-2026-47376

NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`_CVE-2026-47375

NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints_CVE-2026-47279

NocoDB: Stale Auth Cache After API Token Deletion_CVE-2026-46554

NocoDB: Attachment Size Limit Bypass via Upload-by-URL_CVE-2026-46553

Protect Your Attack Surface with RedGem

Security Intelligence
Feed