Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

242 New today

66,643 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

223

Jun 29

Critical

High

Medium

Low

Latest

GITHUBEXPLOIT

protection_E6D0A451-B59B-5672-A0DD-F0FAC9CFACFB

🛡️ protection Kernel-level abuse protection for container hosts One static Go binary that guards Pterodactyl/Wings nodes, Docker hosts and bare VPS boxes against miners, DDoS tools, port scans, zip bombs and exploits — then alerts and shuts them down...

E6D0A451-B59B-5672-A0DD-F0FAC9CFACFB

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.3	CVE-2026-57960	Hi.Events 1.9.0 – Unauthenticated Attendee PII Exposure via Check-in List short_id_CVE-2026-57960 Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access to retrieve full attend...	HiEventsDev	Hi.Events	Jun 29, 2026	CVE
HIGH 8.2	CVE-2026-57959	Hi.Events 1.9.0 – Promo Code Max-Usage Bypass via Asynchronous Job Race Condition_CVE-2026-57959 Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStati...	HiEventsDev	Hi.Events	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-57958	Mixpost 2.6.0 – Reflected XSS via OAuth Callback Error Parameter_CVE-2026-57958 Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript...	inovector	mixpost	Jun 29, 2026	CVE
LOW 2.3	CVE-2026-57957	Papermark 0.22.0 – CORS Misconfiguration in Viewer Upload Endpoint_CVE-2026-57957 Papermark through 0.22.0 contains a cross-origin resource sharing (CORS) misconfiguration vulnerability that allows unauthenticated remote attacker...	papermark	papermark	Jun 29, 2026	CVE
MEDIUM 6.1	CVE-2026-57956	SigNoz 0.130.1 – Cross-Organization Insecure Direct Object Reference in Alert Rules_CVE-2026-57956 SigNoz through 0.130.1 contains a broken access control vulnerability that allows authenticated users to access other organizations' alert rules by...	SigNoz	signoz	Jun 29, 2026	CVE
HIGH 8.3	CVE-2026-57955	SigNoz 0.130.1 – SQL Injection in Alert History Endpoints via Rule ID Parameter_CVE-2026-57955 SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by inject...	SigNoz	signoz	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-57954	Elide 7.1.17 – Permission Bypass in Sort Expression Validation_CVE-2026-57954 Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers t...	yahoo	elide	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-57953	Mythic < 3.4.0.60 - Unauthorized Automation Workflow Modification via eventing_import_automatic_webhook Endpoint_CVE-2026-57953 Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write ...	its-a-feature	Mythic	Jun 29, 2026	CVE
MEDIUM 6	CVE-2026-57952	Mythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUID_CVE-2026-57952 Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_ru...	its-a-feature	Mythic	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

protection_E6D0A451-B59B-5672-A0DD-F0FAC9CFACFB

Recent Advisories

Hi.Events 1.9.0 – Unauthenticated Attendee PII Exposure via Check-in List short_id_CVE-2026-57960

Hi.Events 1.9.0 – Promo Code Max-Usage Bypass via Asynchronous Job Race Condition_CVE-2026-57959

Mixpost 2.6.0 – Reflected XSS via OAuth Callback Error Parameter_CVE-2026-57958

Papermark 0.22.0 – CORS Misconfiguration in Viewer Upload Endpoint_CVE-2026-57957

SigNoz 0.130.1 – Cross-Organization Insecure Direct Object Reference in Alert Rules_CVE-2026-57956

SigNoz 0.130.1 – SQL Injection in Alert History Endpoints via Rule ID Parameter_CVE-2026-57955

Elide 7.1.17 – Permission Bypass in Sort Expression Validation_CVE-2026-57954

Mythic < 3.4.0.60 - Unauthorized Automation Workflow Modification via eventing_import_automatic_webhook Endpoint_CVE-2026-57953

Mythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUID_CVE-2026-57952

Protect Your Attack Surface with RedGem

Security Intelligence
Feed