Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

65,735 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT CVSS 5.4

Exploit for Cross-site Scripting in Docmost_0D5ACD84-8796-5644-A05C-46FADC4B35D4

CVE-2026-34212 Docmost accepted a javascript: URL inside an attachment node, preserved it through storage and rendering, and turned it back into a clickable anchor in the Docmost origin. Intro I identified, responsibly disclosed, and reproduced a...

0D5ACD84-8796-5644-A05C-46FADC4B35D4

Jun 26, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.4	0A738D4C-E642-	Exploit for Authorization Bypass Through User-Controlled Key in Docmost_0A738D4C-E642-58D3-988B-4E964946EC66 CVE-2026-34213 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored ...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 7.6	E61DF141-B3A8-	Exploit for CVE-2026-34207_E61DF141-B3A8-537B-8845-233051D12F82 CVE-2026-34207 The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
HIGH 8.3	22CFEBF4-738A-	Exploit for Missing Authorization in Plane_22CFEBF4-738A-52AD-B1A9-E066D3D33C80 CVE-2026-46558 Plane’s V2 asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one auth...	N/A	N/A	Jun 26, 2026	GITHUBEXPLOIT
NONE	THN:73F078ED386...	New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries_THN:73F078ED386CEDEB92973C14C2CA14DB ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0PC1aWOiorYx2AGD7fl-IVefJBKPJvjy7sMo5MURoMlaq492QcSdpSqqdGZRZk3u3e6BMS7qVzrJXBuWk-k...	N/A	N/A	Jun 26, 2026	THN
CRITICAL 9.3	THN:051D862466E...	CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue_THN:051D862466EBE7A5DE6BB7DD92EA2EA6 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzGOpsiL9b-uwhocEgzazTFR251KJL6pnZAVCmzty7Nx0uR-vZ9r2-WP95IrRaKJtFoUxmBFbqrkt31Yn2MT...	N/A	N/A	Jun 26, 2026	THN
HIGH 7.5	CVE-2026-13283	CVE-2026-13283_CVE-2026-13283 Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific...	Google	Chrome 149.0.7827.201	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-10823	YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure_CVE-2026-10823 The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supp...	Unknown	YMC Filter	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-10268	Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal_CVE-2025-10268 The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible ...	Unknown	Printcart Web to Print Product Designer for WooCommerce	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-57620	WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57620 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allow...	Tim Strifler	Exclusive Addons Elementor n/a	Jun 26, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Exploit for Cross-site Scripting in Docmost_0D5ACD84-8796-5644-A05C-46FADC4B35D4

Recent Advisories

Exploit for Authorization Bypass Through User-Controlled Key in Docmost_0A738D4C-E642-58D3-988B-4E964946EC66

Exploit for CVE-2026-34207_E61DF141-B3A8-537B-8845-233051D12F82

Exploit for Missing Authorization in Plane_22CFEBF4-738A-52AD-B1A9-E066D3D33C80

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries_THN:73F078ED386CEDEB92973C14C2CA14DB

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue_THN:051D862466EBE7A5DE6BB7DD92EA2EA6

CVE-2026-13283_CVE-2026-13283

YMC Smart Filter < 3.11.3 - Unauthenticated Private/Draft Post Disclosure_CVE-2026-10823

Printcart Web to Print Product Designer for WooCommerce <= 2.4.8 - Unauthenticated Folder Content Disclosure via Path Traversal_CVE-2025-10268

WordPress Exclusive Addons Elementor plugin <= 2.7.9.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57620

Protect Your Attack Surface with RedGem

Security Intelligence
Feed