Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

224 New today

65,462 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

175

Jun 25

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disclosure and Deletion_CVE-2026-10824

The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records.

CVE-2026-10824 Unknown Masteriyo LMS

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.7	CVE-2026-42004	EDNS options smuggling_CVE-2026-42004 An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when ...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-40211	Denial of service via crafted DoH3 queries_CVE-2026-40211 An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer wil...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
MEDIUM 4.8	CVE-2026-40210	Out-of-bounds read in SetMacAddrAction_CVE-2026-40210 An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a cr...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
MEDIUM 5.3	CVE-2026-40209	Denial of service via IXFR queries_CVE-2026-40209 An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
LOW 3.7	CVE-2026-40208	Denial of service via DoH3 queries_CVE-2026-40208 An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
LOW 3.7	CVE-2026-40011	Prometheus denial of service via crafted DNS queries_CVE-2026-40011 An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid outp...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-33612	ZoneToCache can poison the cache_CVE-2026-33612 A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.	PowerDNS	Recursor 5.2.0	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57619	WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability_CVE-2026-57619 Contributor Sensitive Data Exposure in Elementor Website Builder	Elementor	Elementor Website Builder n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57429	WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability_CVE-2026-57429 Contributor Broken Access Control in Slim SEO	eLightUp	Slim SEO n/a	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disclosure and Deletion_CVE-2026-10824

Recent Advisories

EDNS options smuggling_CVE-2026-42004

Denial of service via crafted DoH3 queries_CVE-2026-40211

Out-of-bounds read in SetMacAddrAction_CVE-2026-40210

Denial of service via IXFR queries_CVE-2026-40209

Denial of service via DoH3 queries_CVE-2026-40208

Prometheus denial of service via crafted DNS queries_CVE-2026-40011

ZoneToCache can poison the cache_CVE-2026-33612

WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability_CVE-2026-57619

WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability_CVE-2026-57429

Protect Your Attack Surface with RedGem

Security Intelligence
Feed