Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

337 New today

65,687 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 3.7

Denial of service via DoH3 queries_CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.

CVE-2026-40208 PowerDNS DNSdist 1.9.0

Jun 25, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.7	CVE-2026-40011	Prometheus denial of service via crafted DNS queries_CVE-2026-40011 An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid outp...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-33612	ZoneToCache can poison the cache_CVE-2026-33612 A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.	PowerDNS	Recursor 5.2.0	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57619	WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability_CVE-2026-57619 Contributor Sensitive Data Exposure in Elementor Website Builder	Elementor	Elementor Website Builder n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57429	WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability_CVE-2026-57429 Contributor Broken Access Control in Slim SEO	eLightUp	Slim SEO n/a	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-56122	Winstone Servlet Engine 0.9.10 Path Traversal via HTTP Request Paths_CVE-2026-56122 Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sen...	rickknowles	Winstone Servlet Container 0.9.10	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56071	WordPress Forminator plugin <= 1.53.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56071 Unauthenticated Cross Site Scripting (XSS) in Forminator	WPMU DEV	Forminator n/a	Jun 25, 2026	CVE
HIGH 7.7	CVE-2026-56054	WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability_CVE-2026-56054 Subscriber Arbitrary File Deletion in JS Help Desk	Ahmad	JS Help Desk n/a	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56053	WordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerability_CVE-2026-56053 Subscriber PHP Object Injection in EventPrime	EventPrime	EventPrime n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56051	WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56051 Unauthenticated Cross Site Scripting (XSS) in TablePress	TablePress	TablePress n/a	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Denial of service via DoH3 queries_CVE-2026-40208

Recent Advisories

Prometheus denial of service via crafted DNS queries_CVE-2026-40011

ZoneToCache can poison the cache_CVE-2026-33612

WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability_CVE-2026-57619

WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability_CVE-2026-57429

Winstone Servlet Engine 0.9.10 Path Traversal via HTTP Request Paths_CVE-2026-56122

WordPress Forminator plugin <= 1.53.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56071

WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability_CVE-2026-56054

WordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerability_CVE-2026-56053

WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56051

Protect Your Attack Surface with RedGem

Security Intelligence
Feed