Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

337 New today
65,687 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
24
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-56445

pydicom pynetdicom Library Path Traversal_CVE-2026-56445

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join() without sanitizat...

pydicom pynetdicom Library 1.0.0 CVE
HIGH 8.3 CVE-2026-12473

OHIF Viewers DICOM Server-Side request forgery_CVE-2026-12473

Two data sources (DICOMWebProxy and DICOMJSON) shipped in the default configuration fetch an arbitrary URL parameter without validation. A global a...

Open Health Imaging Foundation (OHIF) DICOM Web Viewer Framework CVE
MEDIUM 5.9 CVE-2026-8720

HMAC-BLAKE2 final discards message when key length exceeds block size_CVE-2026-8720

wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of ...

wolfSSL wolfSSL 5.9.0 CVE
LOW 2.1 CVE-2026-6331

HMAC zero-length tag forgery in EVP_DigestVerifyFinal_CVE-2026-6331

HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-...

wolfSSL wolfSSL 3.15.5 CVE
MEDIUM 6.3 CVE-2026-6330

ML-KEM ARM64 NEON ciphertext comparison only compares half of the input_CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weake...

wolfSSL wolfSSL 5.7.4 CVE
MEDIUM 6 CVE-2026-6329

PKCS#12 MAC verification uses attacker-controlled comparison length_CVE-2026-6329

PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to b...

wolfSSL wolfSSL 3.10.0 CVE
LOW 2 CVE-2026-6325

Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list_CVE-2026-6325

Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destina...

wolfSSL wolfSSL 4.8.0 CVE
LOW 2.1 CVE-2026-6092

Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured_CVE-2026-6092

When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.

wolfSSL wolfSSL 5.2.0 CVE
MEDIUM 6 CVE-2026-55962

TLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/CertificateVerify_CVE-2026-55962

TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message without the client having sent a Certific...

wolfSSL wolfSSL 5.5.4 CVE