Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

279 New today

66,699 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

279

Jun 29

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 7.8

CVE-2026-57919_CVE-2026-57919

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ and GENERIC_WRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send craft...

CVE-2026-57919 n/a n/a n/a

Jun 29, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.6	CVE-2026-57498	Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams’ Servers_CVE-2026-57498 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controll...	coollabsio	coolify < 4.0.0-beta.474	Jun 29, 2026	CVE
CRITICAL 9.8	CVE-2026-13763	HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF_CVE-2026-13763 Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF ma...	AWS	AWS Application Load Balancer	Jun 29, 2026	CVE
CRITICAL 9.8	CVE-2026-13762	HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF_CVE-2026-13762 Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule b...	AWS	Amazon CloudFront	Jun 29, 2026	CVE
NONE	THN:C8391FC028E...	Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input_THN:C8391FC028E73E226BA3BA54EF61F2E4 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOcObOpyIQZzuiNoFu6Lv4jCDh64o1WYrC3stGdk58mMRg69RT56svVrXVwu618f6szk2lj_Tqbt6b7Rg25y...	N/A	N/A	Jun 29, 2026	THN
NONE	0E17DEF0-1222-	xss_writte_up_0E17DEF0-1222-52CC-A48C-346FDC06E436 Bug-Bounty-Writeups...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
NONE	E6D0A451-B59B-	protection_E6D0A451-B59B-5672-A0DD-F0FAC9CFACFB 🛡️ protection Kernel-level abuse protection for container hosts One static Go binary that guards Pterodactyl/Wings nodes, Docker hosts and bare VPS...	N/A	N/A	Jun 29, 2026	GITHUBEXPLOIT
HIGH 8.3	CVE-2026-57960	Hi.Events 1.9.0 – Unauthenticated Attendee PII Exposure via Check-in List short_id_CVE-2026-57960 Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access to retrieve full attend...	HiEventsDev	Hi.Events	Jun 29, 2026	CVE
HIGH 8.2	CVE-2026-57959	Hi.Events 1.9.0 – Promo Code Max-Usage Bypass via Asynchronous Job Race Condition_CVE-2026-57959 Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStati...	HiEventsDev	Hi.Events	Jun 29, 2026	CVE
MEDIUM 5.1	CVE-2026-57958	Mixpost 2.6.0 – Reflected XSS via OAuth Callback Error Parameter_CVE-2026-57958 Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript...	inovector	mixpost	Jun 29, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2026-57919_CVE-2026-57919

Recent Advisories

Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams’ Servers_CVE-2026-57498

HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF_CVE-2026-13763

HTTP/2 Stream Parser Confusion Body-Inspection Bypass in Amazon CloudFront with AWS WAF_CVE-2026-13762

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input_THN:C8391FC028E73E226BA3BA54EF61F2E4

xss_writte_up_0E17DEF0-1222-52CC-A48C-346FDC06E436

protection_E6D0A451-B59B-5672-A0DD-F0FAC9CFACFB

Hi.Events 1.9.0 – Unauthenticated Attendee PII Exposure via Check-in List short_id_CVE-2026-57960

Hi.Events 1.9.0 – Promo Code Max-Usage Bypass via Asynchronous Job Race Condition_CVE-2026-57959

Mixpost 2.6.0 – Reflected XSS via OAuth Callback Error Parameter_CVE-2026-57958

Protect Your Attack Surface with RedGem

Security Intelligence
Feed