Security Intelligence Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

367 New today
66,038 Total advisories

[Chart: Daily Security Trends (Last 14 Days), Jun 14 to Jun 27; legend: Critical, High, Medium, Low]

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.9 CVE-2026-48497

Envoy: Abnormal process termination in DNS UDP filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
HIGH 7.5 CVE-2026-48044

Envoy Zstd Decompressor: Ratio Check at Wrong Loop Depth lead to memory explosion

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vu...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
HIGH 7.5 CVE-2026-48042

Envoy: Stack overflow in destructor of highly nested JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of ...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
MEDIUM 4.4 CVE-2026-47778

Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural f...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
MEDIUM 6.8 CVE-2026-47775

Envoy OAuth2 Filter: Padding Oracle via AES-256-CBC Cookie Decryption

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTT...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
MEDIUM 4.8 CVE-2026-47692

Envoy: PROXY Protocol v2 header generator emits “skipped” TLVs, causing 65 KB attacker-controlled spillover into the upstream application stream

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
MEDIUM 5.9 CVE-2026-47221

Envoy: Null pointer deref in internal redirects

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the r...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
MEDIUM 6.5 CVE-2026-47207

Envoy crashes if multiple unexpected ext_proc responses are packed into one gRPC message

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
MEDIUM 6.5 CVE-2026-47204

Envoy: grpc_stats filter segfault on Connect protocol requests to direct_response routes

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the e...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE