Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

196 New today

65,119 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

187

Jun 24

Critical

High

Medium

Low

Latest

CVE CVSS 4.3

AnythingLLM: Windows path containment bypass in document folder route_CVE-2026-48789

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents d...

CVE-2026-48789 Mintplex-Labs anything-llm < 1.13.0

Jun 24, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-48732	Warp: Remote SSH cwd can lead to unauthorized remote command execution_CVE-2026-48732 Warp is an agentic development environment. From 0.2023.03.21.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2023.03.21.08.02.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-48731	Warp: Linux external editor command injection_CVE-2026-48731 Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2024.02.20.08.01.stable_01, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.1	CVE-2026-48725	Warp may allow terminal output to access the local clipboard through OSC 52_CVE-2026-48725 Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to re...	warpdotdev	warp >= 0.2021.04.25.23.05.stable_00, < v0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.6	CVE-2026-48721	Warp: Env-var prefixes can lead to denylisted command autoexecution_CVE-2026-48721 Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...	warpdotdev	warp >= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-48720	Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720 Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337...	warpdotdev	warp >= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8	CVE-2026-48719	Warp branch selector command injection via Git branch names_CVE-2026-48719 Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection...	warpdotdev	warp >= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-48704	Warp Markdown notebook links may open executable local files_CVE-2026-48704 Warp is an agentic development environment. From 0.2023.10.24.08.03.stable_00 until 0.2026.05.06.15.42.stable_01, Warp may open executable local fi...	warpdotdev	warp >= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
HIGH 7.8	CVE-2026-48703	Warp: Command Injection via Warp code search tool arguments_CVE-2026-48703 Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution...	warpdotdev	warp >= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01	Jun 24, 2026	CVE
MEDIUM 5.5	CVE-2026-44022	Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022 Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2....	docling-project	docling >= 2.73.0, < 2.91.0	Jun 24, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

AnythingLLM: Windows path containment bypass in document folder route_CVE-2026-48789

Recent Advisories

Warp: Remote SSH cwd can lead to unauthorized remote command execution_CVE-2026-48732

Warp: Linux external editor command injection_CVE-2026-48731

Warp may allow terminal output to access the local clipboard through OSC 52_CVE-2026-48725

Warp: Env-var prefixes can lead to denylisted command autoexecution_CVE-2026-48721

Warp: SSH remote output can lead to local file overwrite and persistence_CVE-2026-48720

Warp branch selector command injection via Git branch names_CVE-2026-48719

Warp Markdown notebook links may open executable local files_CVE-2026-48704

Warp: Command Injection via Warp code search tool arguments_CVE-2026-48703

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands_CVE-2026-44022

Protect Your Attack Surface with RedGem

Security Intelligence
Feed