Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

285 New today

64,923 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

285

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 6.9

RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM_CVE-2026-45792

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without u...

CVE-2026-45792 rtk-ai rtk < 0.32.0

Jun 23, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.2	CVE-2026-9073	Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073 A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authenticatio...	Red Hat	Red Hat Satellite 6	Jun 23, 2026	CVE
MEDIUM 6.9	CVE-2026-53931	NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53930	NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the base-migration endpoint accepted a caller-supplied URL that the ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53929	NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, with NC_SECURE_ATTACHMENTS=true, an authenticated uploader could del...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53928	NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be ...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 5.1	CVE-2026-53927	NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequestMake) accepted URLs whos...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
MEDIUM 6.3	CVE-2026-53926	NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, revokeAllOAuthTokensByUser in the users service is an empty stub bei...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
LOW 2.3	CVE-2026-47388	NocoDB: Missing Ownership Check in MCP Attachment Read_CVE-2026-47388 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment pat...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE
HIGH 8.4	CVE-2026-47387	NocoDB: Stored Cross-Site Scripting via Form View Redirect URL_CVE-2026-47387 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler (packages/nc-gui/composables/use...	nocodb	nocodb < 2026.05.1	Jun 23, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM_CVE-2026-45792

Recent Advisories

Foreman-mcp-server: mcp server: insecure sensitive http header sanitization_CVE-2026-9073

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint_CVE-2026-53931

NocoDB: Server-Side Request Forgery via Base Migration URL_CVE-2026-53930

NocoDB: Stored Cross-Site Scripting via Secure Attachment_CVE-2026-53929

NocoDB: Refresh Tokens Persist Through Password Recovery_CVE-2026-53928

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL_CVE-2026-53927

NocoDB: OAuth Tokens Persist Through Security Events_CVE-2026-53926

NocoDB: Missing Ownership Check in MCP Attachment Read_CVE-2026-47388

NocoDB: Stored Cross-Site Scripting via Form View Redirect URL_CVE-2026-47387

Protect Your Attack Surface with RedGem

Security Intelligence
Feed