Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

287 New today
64,643 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

351
Jun 10
245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
5
Jun 23
Critical
High
Medium
Low
Latest
CVE CVSS 7.1

Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read_CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_parse_attribute() accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditi...

CVE-2026-10651 zephyrproject-rtos Zephyr *
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.9 CVE-2026-10645

fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal_CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversa...

zephyrproject-rtos Zephyr * CVE
HIGH 8.2 CVE-2026-11833

CVE-2026-11833_CVE-2026-11833

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting inform...

Yokogawa Electric Corporation FAST/TOOLS R9.01 CVE
MEDIUM 6.8 068C9182-D370-

Exploit for Out-of-bounds Write in Samsung Android_068C9182-D370-5C64-B905-6227B13760CE

SveService Buffer Overflow --- Samsung SMR May 2026 SVE-2026-0478CVE-2026-21018 Affected versions: Android 14, 15, 16 Disclosure status: Privately ...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.5 MS:CVE-2026-12444

Chromium: CVE-2026-12444 Out of bounds read in Chromoting_MS:CVE-2026-12444

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 7.8 MS:CVE-2026-12449

Chromium: CVE-2026-12449 Use after free in Chromoting_MS:CVE-2026-12449

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 8.3 MS:CVE-2026-12465

Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics_MS:CVE-2026-12465

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
MEDIUM 5.3 CVE-2026-54236

vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router_CVE-2026-54236

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a saniti...

vllm-project vllm < 0.23.1rc0 CVE
MEDIUM 6.9 CVE-2026-54235

vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels_CVE-2026-54235

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operat...

vllm-project vllm < 0.23.1rc0 CVE
MEDIUM 6.5 CVE-2026-54233

vLLM: OOM Denial of Service via Audio Decompression Bomb_CVE-2026-54233

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compr...

vllm-project vllm < 0.23.1rc0 CVE