Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

229 New today

66,622 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

202

Jun 29

Critical

High

Medium

Low

Latest

CVE CVSS 6.9

Teable – Unauthenticated Hidden Field Disclosure via Projection Parameter Override_CVE-2026-56781

Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden...

CVE-2026-56781 teableio teable

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.7	CVE-2026-56780	Modoboa < 2.9.0 - Insecure Direct Object Reference in Account Password Change API_CVE-2026-56780 Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api/v1/accounts/{pk}/password/ endpoint that allows dom...	modoboa	modoboa	Jun 29, 2026	CVE
HIGH 7.7	CVE-2026-56285	Nitter – Server-Side Request Forgery in /video Media Proxy Endpoint_CVE-2026-56285 Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and uses a hardcoded default HMAC key, allowing unauth...	zedeus	nitter	Jun 29, 2026	CVE
MEDIUM 6.9	CVE-2026-13592	liftoff-sr CIPster EtherNet IP Message append out-of-bounds write_CVE-2026-13592 A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter...	liftoff-sr	CIPster e8e9dba09bf56962807d3504b783ccdb6287f3e4	Jun 29, 2026	CVE
CRITICAL 9.3	CVE-2026-11720	Path Traversal in googleapis/mcp-toolbox HTTP Tool URL Builder_CVE-2026-11720 A path traversal vulnerability exists in the HTTP tool URL builder of googleapis/mcp-toolbox. When constructing downstream API requests, the URL b...	Google	MCP Toolbox for Databases (googleapis/mcp-toolbox)	Jun 29, 2026	CVE
HIGH 7.5	CVE-2026-49049	Joomla Extension – joomshaper.com – Unauthenticated access to Helix3 template ajax handler_CVE-2026-49049 The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON fi...	joomshaper.com	Helix3 extension for Joomla 1.0-3.1.1	Jun 29, 2026	CVE
MEDIUM 6.8	CVE-2026-9105	Authenticated Stack-Based Buffer Overflow in TP-Link TL-WR841N Web Interface_CVE-2026-9105 An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated...	TP-Link Systems Inc.	TL-WR841N v14	Jun 29, 2026	CVE
CRITICAL 9.4	CVE-2026-41052	Rancher Privilege Escalation from Project Owner to Host_CVE-2026-41052 Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 bef...	SUSE	Rancher 2.12.0	Jun 29, 2026	CVE
MEDIUM 5.5	CVE-2026-13750	Snowflake CLI Sensitive Credential Exposure Through Debug Logging_CVE-2026-13750 Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent...	Snowflake	Snowflake CLI 3.0.0	Jun 29, 2026	CVE
HIGH 8.8	CVE-2026-13749	Snowflake CLI Arbitrary Code Execution via Snowpark Annotation Processor Template Injection_CVE-2026-13749 Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execu...	Snowflake	Snowflake CLI 2.4.0	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Teable – Unauthenticated Hidden Field Disclosure via Projection Parameter Override_CVE-2026-56781

Recent Advisories

Modoboa < 2.9.0 - Insecure Direct Object Reference in Account Password Change API_CVE-2026-56780

Nitter – Server-Side Request Forgery in /video Media Proxy Endpoint_CVE-2026-56285

liftoff-sr CIPster EtherNet IP Message append out-of-bounds write_CVE-2026-13592

Path Traversal in googleapis/mcp-toolbox HTTP Tool URL Builder_CVE-2026-11720

Joomla Extension – joomshaper.com – Unauthenticated access to Helix3 template ajax handler_CVE-2026-49049

Authenticated Stack-Based Buffer Overflow in TP-Link TL-WR841N Web Interface_CVE-2026-9105

Rancher Privilege Escalation from Project Owner to Host_CVE-2026-41052

Snowflake CLI Sensitive Credential Exposure Through Debug Logging_CVE-2026-13750

Snowflake CLI Arbitrary Code Execution via Snowpark Annotation Processor Template Injection_CVE-2026-13749

Protect Your Attack Surface with RedGem

Security Intelligence
Feed