Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

343 New today
65,694 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
31
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 CVE-2025-71336

Flowise – Unsandboxed Remote Code Execution via Custom MCP_CVE-2025-71336

Flowise before 3.0.6 (affected versions 2.2.7-patch.1 and earlier) contains an unsandboxed remote code execution vulnerability in the Custom MCP fe...

Flowise Flowise CVE
HIGH 8.6 CVE-2025-71335

Flowise – Session Invalidation Failure After Password Change_CVE-2025-71335

Flowise before 3.0.10 (affected versions 3.0.7 and earlier) fails to invalidate existing sessions and session tokens after a user changes their pas...

Flowise Flowise CVE
CRITICAL 9.3 CVE-2025-71334

Flowise – Arbitrary File Access via Missing Chat Flow ID Validation_CVE-2025-71334

Flowise before 3.0.6 (affected versions 2.2.8 and earlier) contains an arbitrary file access vulnerability due to missing validation that the chatf...

Flowise Flowise CVE
CRITICAL 9.3 CVE-2025-71333

Flowise – Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint_CVE-2025-71333

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set t...

Flowise Flowise CVE
HIGH 8.7 CVE-2025-71328

Flowise – Unverified Password Change via Account Settings_CVE-2025-71328

Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the acc...

Flowise Flowise CVE
CRITICAL 9.3 CVE-2025-71327

Flowise – Authentication Bypass via Unprotected Registration Endpoint_CVE-2025-71327

Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers ...

Flowise Flowise 3.0.1 CVE
HIGH 8.7 CVE-2025-71324

Flowise – Arbitrary File Read via chatId Parameter_CVE-2025-71324

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assist...

Flowise Flowise CVE
MEDIUM 6.1 CVE-2026-40080

Cacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirect_CVE-2026-40080

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring c...

Cacti cacti < 1.2.31 CVE
HIGH 8.8 25DE60F3-D53C-

Exploit for Path Traversal in Tp-Link Tapo_C260_Firmware_25DE60F3-D53C-5F5C-9C45-E27FA387E1AA

Tapo C260 RCE Chain CVE-2026-0651 / CVE-2026-0652 / CVE-2026-0653 Proof-of-concept exploit chain for TP-Link Tapo C260 IP camera achieving unauthen...

N/A N/A GITHUBEXPLOIT