Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

308 New today

65,238 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

306

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 7.1

Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute_CVE-2026-47110

Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::...

CVE-2026-47110 ueberdosis tiptap-php

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-10642	Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control_CVE-2026-10642 The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable() that repeatedly invokes the...	zephyrproject	zephyr 4.1.0	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-10043	MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043 MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbi...	MosaicML	Composer 0.32.1	Jun 24, 2026	CVE
CRITICAL 9.1	75711BFE-8B18-	Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2 CVE-2026-56111 - Marlin M421 Out-of-bounds Write Proof of concept for CVE-2026-56111, an out-of-bounds write in the M421 G-code handler of Marlin F...	N/A	N/A	Jun 24, 2026	GITHUBEXPLOIT
CRITICAL 9.8	MSF:AUXILIARY-SCANNER-	BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI- This module detects BerriAI LiteLLM proxy servers affected by CVE-2026-42208, an unauthenticated SQL injection. During API-key verification the pro...	N/A	N/A	Jun 24, 2026	METASPLOIT
CRITICAL 9.1	MSF:AUXILIARY-SCANNER-	Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS- This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its ...	N/A	N/A	Jun 24, 2026	METASPLOIT
HIGH 8.8	MALWAREBYTES:EC...	PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066 A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have dis...	N/A	N/A	Jun 24, 2026	MALWAREBYTES
NONE	MSSECURE:3B070B...	CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767 Cloud security is shifting from visibility to context-aware risk reduction, helping security teams understand which exposures matter most, prioriti...	N/A	N/A	Jun 24, 2026	MSSECURE
HIGH 7.5	CVE-2026-53950	@tryghost/activitypub: XSS in Ghost’s ActivityPub client_CVE-2026-53950 @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injecti...	TryGhost	Ghost < 3.1.0	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-53949	Ghost Content API filter bypass reveals private fields_CVE-2026-53949 Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be part...	TryGhost	Ghost >= 5.46.1, < 6.21.2	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute_CVE-2026-47110

Recent Advisories

Unbounded TX busy-loop DoS in Zephyr PL011 UART driver under CTS hardware flow control_CVE-2026-10642

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability_CVE-2026-10043

Exploit for CVE-2026-56111_75711BFE-8B18-55AC-A70F-7ACF021EFAE2

BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner_MSF:AUXILIARY-SCANNER-HTTP-LITELLM_PROXY_SQLI-

Next.js Middleware Authorization Bypass Scanner_MSF:AUXILIARY-SCANNER-HTTP-NEXTJS_MIDDLEWARE_AUTH_BYPASS-

PixelSmash flaw turns video files into attack tools_MALWAREBYTES:EC34003352AA88477BAACCE9BF91A066

CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms_MSSECURE:3B070B95A636749B56951E3900D3E767

@tryghost/activitypub: XSS in Ghost’s ActivityPub client_CVE-2026-53950

Ghost Content API filter bypass reveals private fields_CVE-2026-53949

Protect Your Attack Surface with RedGem

Security Intelligence
Feed