Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

234 New today

65,696 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

Groundhogg <= 4.5.4 - Authenticated (Custom+) SQL Injection via 'after' Parameter_CVE-2026-13226

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' parameter in all versions up to, and including, 4.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient prep...

CVE-2026-13226 trainingbusinesspros Groundhogg — CRM, Newsletters, and Marketing Automation

Jun 26, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	921E88F8-3925-	Exploit for CVE-2026-43503_921E88F8-3925-519D-9067-4928D48E9B4D CVE-2026-43503 — DirtyClone Linux local privilege escalation. A cloned skbuff loses the SKBFLSHAREDFRAG flag, so ESP in-place decryption writes int...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	1BF0634C-CE51-	Binary-Exploitation-and-Reverse-Engineering_1BF0634C-CE51-5BC4-9278-E457B1143B09 Binary Exploitation & Reverse Engineering Lab Hands-on memory-corruption exploitation and reverse engineering. Three escalating exploitation challe...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	MSSECURE:AA575A...	Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access_MSSECURE:AA575A60004644ACAFBF2293B2100746 In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. References 4. Learn more Microsoft Threat Intelligen...	N/A	N/A	Jun 25, 2026	MSSECURE
HIGH 7.1	CVE-2026-40941	Cacti: Package Import Signature Validation Bypass Allows Self-Signed Packages_CVE-2026-40941 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass all...	Cacti	cacti < 1.2.31	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-40084	Cacti: Arbitrary File Read via Path Traversal in Report `format_file` Parameter_CVE-2026-40084 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report ...	Cacti	cacti < 1.2.31	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-40083	Cacti: SQL Injection in managers.php_CVE-2026-40083 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+im...	Cacti	cacti < 1.2.31	Jun 25, 2026	CVE
MEDIUM 5.4	CVE-2026-40082	Cacti: Session Fixation via missing session_regenerate_id() after login_CVE-2026-40082 Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, lea...	Cacti	cacti < 1.2.31	Jun 25, 2026	CVE
CRITICAL 9.2	CVE-2026-9222	Setracker2 Children’s Smartwatch Ecosystem Use of password hash instead of password for authentication_CVE-2026-9222 Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend serv...	Shenzhen i365-Tech Co. Ltd.	Setracker2 Parental Control App (Android) package com.tgelec.setracker 3.1.5	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-9221	Setracker2 Children’s Smartwatch Ecosystem Use of a Broken or Risky Cryptographic Algorithm_CVE-2026-9221 The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating ...	Shenzhen i365-Tech Co. Ltd.	Setracker2 Parental Control App (Android) package com.tgelec.setracker	Jun 25, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Groundhogg <= 4.5.4 - Authenticated (Custom+) SQL Injection via 'after' Parameter_CVE-2026-13226

Recent Advisories

Exploit for CVE-2026-43503_921E88F8-3925-519D-9067-4928D48E9B4D

Binary-Exploitation-and-Reverse-Engineering_1BF0634C-CE51-5BC4-9278-E457B1143B09

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access_MSSECURE:AA575A60004644ACAFBF2293B2100746

Cacti: Package Import Signature Validation Bypass Allows Self-Signed Packages_CVE-2026-40941

Cacti: Arbitrary File Read via Path Traversal in Report `format_file` Parameter_CVE-2026-40084

Cacti: SQL Injection in managers.php_CVE-2026-40083

Cacti: Session Fixation via missing session_regenerate_id() after login_CVE-2026-40082

Setracker2 Children’s Smartwatch Ecosystem Use of password hash instead of password for authentication_CVE-2026-9222

Setracker2 Children’s Smartwatch Ecosystem Use of a Broken or Risky Cryptographic Algorithm_CVE-2026-9221

Protect Your Attack Surface with RedGem

Security Intelligence
Feed