Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

122 New today
66,075 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
26
Jun 27
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.6 CVE-2026-55441

mise: Arbitrary command execution via task-include files in an untrusted, config-less repository_CVE-2026-55441

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versio...

jdx mise < 2026.6.4 CVE
MEDIUM 5.5 CVE-2026-54557

mise HTTP backend uses raw version path for install symlink destination_CVE-2026-54557

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination fro...

jdx mise < 2026.6.1 CVE
HIGH 7.5 CVE-2026-54341

Dragonfly: RESTORE operations may crash the server_CVE-2026-54341

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds r...

dragonflydb dragonfly < 1.39.0 CVE
LOW 2.3 CVE-2026-47206

Dragonfly: RESP Protocol Injection via Lua redis.error_reply() in EvalSerializer_CVE-2026-47206

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.9, Dragonfly has a RESP Protocol Injection via Lua redis...

dragonflydb dragonfly < 1.38.9 CVE
CRITICAL 9.6 CVE-2026-33646

mise: Arbitrary Code Execution via Tera Templates in .tool-versions Files (Trust Bypass)_CVE-2026-33646

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template e...

jdx mise < 2026.3.10 CVE
HIGH 7.5 CVE-2026-48743

Envoy: HTTP/3 to HTTP/1 request smuggling via headers-only request with nonzero Content-Length_CVE-2026-48743

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can tran...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
MEDIUM 5.9 CVE-2026-48706

Envoy Heap Buffer Overflow in TcpStatsdSink_CVE-2026-48706

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vul...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
MEDIUM 5.9 CVE-2026-48497

Envoy: Abnormal process termination in DNS UDP filter_CVE-2026-48497

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE
HIGH 7.5 CVE-2026-48044

Envoy Zstd Decompressor: Ratio Check at Wrong Loop Depth lead to memory explosion_CVE-2026-48044

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vu...

envoyproxy envoy >= 1.38.0, < 1.38.1 CVE