Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

349 New today
65,663 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
Jun 26
Critical
High
Medium
Low
Latest
CVE CVSS 6.4

Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip_CVE-2026-13318

A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance (VMI), virt-api reads the target IP from vmi.Status.Interfaces[0].IP and passes it directly to net.Dial() without...

CVE-2026-13318 Red Hat Red Hat OpenShift Virtualization 4
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 4.2 CVE-2026-13218

Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher_CVE-2026-13218

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.W...

Red Hat Red Hat OpenShift Virtualization 4 CVE
MEDIUM 6.9 CVE-2026-13083

Pen-drive: pen-drive: stored xss via unescaped cluster data in html report_CVE-2026-13083

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An ...

Red Hat Pen Drive Powered by Red Hat Lightspeed CVE
MEDIUM 6.5 CVE-2026-12993

Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset_CVE-2026-12993

A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE dec...

Red Hat Red Hat build of Apicurio Registry 3 CVE
LOW 3.8 CVE-2026-13322

Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service_CVE-2026-13322

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buff...

Red Hat Red Hat OpenShift Virtualization 4 CVE
NONE E07672B6-E349-

netproto_toolkit_E07672B6-E349-5FE5-953E-0A86375F7597

netprototoolkit Network protocol security research toolkit in Python, covering the full workflow from traffic capture through protocol fuzzing to e...

N/A N/A GITHUBEXPLOIT
NONE MSSECURE:A4C90F...

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them_MSSECURE:A4C90F6D8F83B1BF96EC12CDFC5FC84E

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-serv...

N/A N/A MSSECURE
NONE MSSECURE:0C0117...

Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms_MSSECURE:0C0117AE434E10AACC147291C44D651A

The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...

N/A N/A MSSECURE
NONE TALOSBLOG:7A5EA...

Beyond IOCs: AI-enabled threat intelligence_TALOSBLOG:7A5EACBCE90B3C23AAD5D9F502830B62

![Beyond IOCs: AI-enabled threat intelligence](https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/06/threat_...

N/A N/A TALOSBLOG
CRITICAL 9.3 CF51C38E-52F7-

cve-research_CF51C38E-52F7-5CB5-9ACE-2BCD8F86C0BE

CVE Research Notes and code from going through public CVEs that caught my attention. Each folder has a writeup of how the bug actually worked, a de...

N/A N/A GITHUBEXPLOIT