Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

204 New today
66,829 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
376
Jun 25
386
Jun 26
53
Jun 27
318
Jun 28
284
Jun 29
125
Jun 30
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-9711

EventON – WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search Parameter_CVE-2026-9711

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full) is vulnerable to SQL Injection via the WordPress 'search' paramet...

EventON EventON (Pro) - WordPress Virtual Event Calendar Plugin CVE
HIGH 7.2 CVE-2026-8141

Ajax Load More – Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' Field_CVE-2026-8141

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomy_include_children' parameter in all...

Connekt Media Ajax Load More - Filters CVE
MEDIUM 5.1 CVE-2026-6954

Multiple vulnerabilities in Intermark IT’s WebControl CMS_CVE-2026-6954

Cross-Site Scripting (XSS) vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or...

Intermark IT WebControl CMS CVE
MEDIUM 5.1 CVE-2026-6953

Multiple vulnerabilities in Intermark IT’s WebControl CMS_CVE-2026-6953

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTM...

Intermark IT WebControl CMS CVE
HIGH 7.7 CVE-2026-13149

CVE-2026-13149_CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand() function exhibits exponential-time complexity in the number of conse...

juliangruber brace-expansion CVE
MEDIUM 6.4 CVE-2026-12610

Sssd: use-after-free crash in sssd’ ‘sssd_pam’ process_CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memor...

Red Hat Red Hat Enterprise Linux 10 CVE
CRITICAL 9.3 CVE-2026-12076

SQL Injection in Raytha CMS_CVE-2026-12076

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to...

Raytha Raytha 1.5.2 CVE
HIGH 7 CVE-2026-10763

CVE-2026-10763_CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server.

Hitachi Energy PROMOD V 1.0.0 CVE
MEDIUM 4.4 CVE-2026-13316

Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config_CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF a...

Red Hat Red Hat Satellite 6 CVE