Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

155 New today

66,777 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 7.2

CVE-2026-56808_CVE-2026-56808

DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who can log in to the web management console of the affected product.

CVE-2026-56808 AVTECH Security Corporation DGM3103SCT firmware version 3.2.5.4 and prior

Jun 30, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2026-56137	CVE-2026-56137_CVE-2026-56137 RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-fi...	Gotcha Gotcha Games Inc.	RPG MAKER MV 1.6.3 and earlier	Jun 30, 2026	CVE
HIGH 7.5	CVE-2026-14164	Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()_CVE-2026-14164 A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer m...	Red Hat	Red Hat Enterprise Linux 10	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12819	DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability_CVE-2026-12819 Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticat...	deltaww	DVP-12SE *	Jun 30, 2026	CVE
CRITICAL 9.3	CVE-2026-12818	DVP-12SE Exposure of Sensitive Information Vulnerability_CVE-2026-12818 Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TC...	deltaww	DVP-12SE *	Jun 30, 2026	CVE
HIGH 8	CVE-2026-12240	Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field_CVE-2026-12240 The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize func...	qlstudio	Export User Data	Jun 30, 2026	CVE
MEDIUM 6.6	CVE-2026-45822	CVE-2026-45822_CVE-2026-45822 decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and calls decod...	SamVerschueren	decode-uri-component 0.1.0	Jun 30, 2026	CVE
HIGH 8.4	CVE-2026-12578	DTMSoft – Deserialization of Untrusted Data Vulnerability_CVE-2026-12578 The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code.	deltaww	DTMSoft *	Jun 30, 2026	CVE
NONE	H1:3832393	curl: libcurl upload read callbacks miss recursive API guard, allowing prohibited multi API reentry and ASAN-confirmed UAF_H1:3832393 ## Summary: Several libcurl upload read callback paths invoke the application-provided CURLOPT_READFUNCTION without marking the easy handle as bein...	N/A	N/A	Jun 29, 2026	HACKERONE
HIGH 8.8	THN:9247B208C4F...	Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs_THN:9247B208C4FFADCDFC198B9F5D16121C ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgEWbrJH-z_uAL6GFaOqplYF1ewSOBvFpaKD24W74VEBaSO-pW3sy0I0e57Bmc9yBKV4vb6zWYaVjd-oTSy2...	N/A	N/A	Jun 30, 2026	THN

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-56808_CVE-2026-56808

Recent Advisories

CVE-2026-56137_CVE-2026-56137

Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()_CVE-2026-14164

DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability_CVE-2026-12819

DVP-12SE Exposure of Sensitive Information Vulnerability_CVE-2026-12818

Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field_CVE-2026-12240

CVE-2026-45822_CVE-2026-45822

DTMSoft – Deserialization of Untrusted Data Vulnerability_CVE-2026-12578

curl: libcurl upload read callbacks miss recursive API guard, allowing prohibited multi API reentry and ASAN-confirmed UAF_H1:3832393

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs_THN:9247B208C4FFADCDFC198B9F5D16121C

Protect Your Attack Surface with RedGem

Security Intelligence
Feed