Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

324 New today
65,969 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
306
Jun 26
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.9 CVE-2026-54753

Nx: `nx graph` dev server permissive CORS policy_CVE-2026-54753

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx gr...

nrwl nx >= 17.0.4, < 22.7.2 CVE
MEDIUM 5.9 CVE-2026-48090

Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)_CVE-2026-48090

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter ...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
HIGH 7.5 CVE-2026-47220

Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format_CVE-2026-47220

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SER...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
MEDIUM 5.9 CVE-2026-47205

Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides_CVE-2026-47205

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Fr...

envoyproxy envoy >= 1.38.0, < 1.38.3 CVE
NONE 5A30AF6D-A3F1-

MamaBaohe-ERP-SQLi_5A30AF6D-A3F1-5C05-9042-C5ED3EF4AAB8

MamaBaohe ERP Management Cloud Platform SQL Injection Overview | Field | Value | |-------|-------| | Product | Maternal and Child Health ERP Manage...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 C1779145-9574-

Exploit for OS Command Injection in Cacti_C1779145-9574-5457-B610-1891430BF6B2

CVE-2026-39938: Cacti " 3.2 Execute the Code by Including Log File bash curl -k -s "http://target-cacti/graphimage.php?action=view&localgraphid=1&g...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 2A8C8CE0-592F-

Exploit for Missing Authentication for Critical Function in Splunk_2A8C8CE0-592F-566A-AD1D-9DB21DEE0C60

CVE-2026-20253 - Splunk Enterprise Pre-Auth RCE PoC ⚠️ ADVERTENCIA: Este script es solo para fines educativos y de prueba en entornos autorizados. ...

N/A N/A GITHUBEXPLOIT
NONE WIRED:A213F3A81...

The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials_WIRED:A213F3A81A603E96CA725AEEADB603F7

Exposed records from the private group included the personal information of a senior White House intelligence official and an active-duty special o...

N/A N/A WIRED
NONE SCHNEIER:DF7402...

Meta Is Testing Facial Recognition for Police and Military_SCHNEIER:DF74028FA7E40C4996C0D41330A90633

We know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time. Turns out Meta is prototyping the featu...

N/A N/A SCHNEIER