Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

355 New today

66,018 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

355

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 7.7

SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection_CVE-2026-10835

The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissi...

CVE-2026-10835 Unknown SALESmanago & Leadoo

Jun 26, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-49486	Apache Airflow FTP provider: FTP Provider does not protect FTPS data channel (missing PROT_P)_CVE-2026-49486 The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control...	Apache Software Foundation	Apache Airflow FTP provider	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-11702	Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes_CVE-2026-11702 Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before for...	DAVIDO	Bytes::Random::Secure::Tiny	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-11625	Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes_CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, o...	DAVIDO	Bytes::Random::Secure	Jun 26, 2026	CVE
HIGH 7.3	CVE-2026-57915	Apache Kerby: Kerberos Pre-Authentication Bypass_CVE-2026-57915 It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users...	Apache Software Foundation	Apache Kerby	Jun 26, 2026	CVE
MEDIUM 6.8	CVE-2026-9699	Mattermost Agents plugin logs unsanitized OpenAI API keys on authentication errors_CVE-2026-9699 Mattermost Plugins versions	Mattermost	Mattermost	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57667	WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability_CVE-2026-57667 Sales Representative SQL Injection in Groundhogg	Adrian Tobey	Groundhogg n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-57665	WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57665 Unauthenticated Insecure Direct Object References (IDOR) in GravityView	GravityKit	GravityView n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2026-57664	WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability_CVE-2026-57664 Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder	VillaTheme	Bopo – WooCommerce Product Bundle Builder n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57663	WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability_CVE-2026-57663 Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes	Igor Benic	Recipe Maker For Your Food Blog from Zip Recipes n/a	Jun 26, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection_CVE-2026-10835

Recent Advisories

Apache Airflow FTP provider: FTP Provider does not protect FTPS data channel (missing PROT_P)_CVE-2026-49486

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes_CVE-2026-11702

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes_CVE-2026-11625

Apache Kerby: Kerberos Pre-Authentication Bypass_CVE-2026-57915

Mattermost Agents plugin logs unsanitized OpenAI API keys on authentication errors_CVE-2026-9699

WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability_CVE-2026-57667

WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57665

WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability_CVE-2026-57664

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability_CVE-2026-57663

Protect Your Attack Surface with RedGem

Security Intelligence
Feed