Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

208 New today

59,492 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

208

Jun 4

Jun 5

Critical

High

Medium

Low

Latest

CVE CVSS 7.5

HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities_CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV returned by hv_fetch on the entity2char hash. When the input SV was identical to a...

CVE-2026-8829 OALDERS HTML::Entities

Jun 4, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.6	CVE-2026-8037	OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF_CVE-2026-8037 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary c...	Progress Software	LoadMaster V7.2.60.0	Jun 4, 2026	CVE
HIGH 8.7	CVE-2026-45433	Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models_CVE-2026-45433 This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacke...	GX INDIA	GX Earth 2022 version E2022 - 3.1.2A	Jun 4, 2026	CVE
MEDIUM 6.3	CVE-2026-43926	FOSSBilling’s password reset confirmation endpoint lacks rate limiting_CVE-2026-43926 FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the password reset confirmation endpoint `/client/...	FOSSBilling	FOSSBilling < 0.8.0	Jun 4, 2026	CVE
MEDIUM 5.7	CVE-2026-40605	Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API_CVE-2026-40605 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache...	Tautulli	Tautulli < 2.17.1	Jun 4, 2026	CVE
MEDIUM 5.1	CVE-2026-10861	MISP post-login open redirect via pre_login_requested_url_CVE-2026-10861 An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session k...	misp	misp	Jun 4, 2026	CVE
MEDIUM 5.1	CVE-2026-10856	Open redirect in MISP dashboard button widget URL handling_CVE-2026-10856 A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpr...	misp	misp	Jun 4, 2026	CVE
MEDIUM 5.1	CVE-2026-10855	MISP Event template importer authorization bypass_CVE-2026-10855 An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the appli...	misp	misp	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-10854	Unauthorized exposure of private galaxies in MISP event template creation_CVE-2026-10854 A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organ...	misp	misp	Jun 4, 2026	CVE
MEDIUM 5.3	CVE-2026-10810	itsourcecode Fees Management System navbar.php cross site scripting_CVE-2026-10810 A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This mani...	itsourcecode	Fees Management System 1.0	Jun 4, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities_CVE-2026-8829

Recent Advisories

OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF_CVE-2026-8037

Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models_CVE-2026-45433

FOSSBilling’s password reset confirmation endpoint lacks rate limiting_CVE-2026-43926

Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API_CVE-2026-40605

MISP post-login open redirect via pre_login_requested_url_CVE-2026-10861

Open redirect in MISP dashboard button widget URL handling_CVE-2026-10856

MISP Event template importer authorization bypass_CVE-2026-10855

Unauthorized exposure of private galaxies in MISP event template creation_CVE-2026-10854

itsourcecode Fees Management System navbar.php cross site scripting_CVE-2026-10810

Protect Your Attack Surface with RedGem

Security Intelligence
Feed