Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

307 New today
65,239 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
307
Jun 24
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-54070

SiYuan: Stored XSS in Bazaar marketplace via package README event handlers_CVE-2026-54070

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar pack...

siyuan-note siyuan < 3.7.0 CVE
CRITICAL 9.2 CVE-2026-54069

SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist_CVE-2026-54069

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan Note's kernel HTTP server unconditionally trusts all chrome-e...

siyuan-note siyuan < 3.7.0 CVE
MEDIUM 5.9 CVE-2026-54068

SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon_CVE-2026-54068

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the /api/icon/getDynamicIcon endpoint is explicitly excluded from au...

siyuan-note siyuan < 3.7.0 CVE
CRITICAL 9.9 CVE-2026-54067

SiYuan: Stored XSS to RCE via CSS-snippet