Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

234 New today
65,164 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
232
Jun 24
Critical
High
Medium
Low
Latest
CVE CVSS 8.8

Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. ...

CVE-2026-48720 warpdotdev warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01
Read analysis

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8 CVE-2026-48719

Warp branch selector command injection via Git branch names_CVE-2026-48719

Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...

warpdotdev warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 8.8 CVE-2026-48704

Warp Markdown notebook links may open executable local files_CVE-2026-48704

Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...

warpdotdev warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
HIGH 7.8 CVE-2026-48703

Warp: Command Injection via Warp code search tool arguments_CVE-2026-48703

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...

warpdotdev warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01 CVE
MEDIUM 5.5 CVE-2026-44022

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....

docling-project docling >= 2.73.0, < 2.91.0 CVE
HIGH 7.5 CVE-2026-44020

Docling: Unsafe XML Entity Expansion in USPTO Patent Backend_CVE-2026-44020

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2....

docling-project docling >= 2.13.0, < 2.74.0 CVE
HIGH 7.5 CVE-2026-44017

Docling: Unsafe Zip Extraction in EasyOCR Model Download_CVE-2026-44017

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the...

docling-project docling < 2.91.0 CVE
HIGH 8.2 CVE-2026-44016

Docling: Unsafe Playwright-based HTML Rendering_CVE-2026-44016

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82...

docling-project docling >= 2.82.0, < 2.91.0 CVE
HIGH 7.5 PACKETSTORM:224227

📄 HTTP.sys HTTP/2 Denial of Service_PACKETSTORM:224227

This advisory provides simple proof of concept details to trigger the HTTP/2 denial of service condition related to malformed Accept-Encoding heade...

N/A N/A PACKETSTORM
HIGH 10 DC8CF54B-5E0D-

pentest-metasploit_DC8CF54B-5E0D-55F4-B5C1-920406A0FF9F

Penetration Testing with Metasploit A structured penetration testing automation framework developed by Aadarsh Bonthula as part of a cybersecurity ...

N/A N/A GITHUBEXPLOIT