Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

140 New today
59,291 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

202
May 22
67
May 23
111
May 24
204
May 25
336
May 26
455
May 27
326
May 28
451
May 29
206
May 30
84
May 31
417
Jun 1
295
Jun 2
151
Jun 3
7
Jun 4
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
NONE FEF41599-6B58-

1click-gh-token-stealing-via-vscode-POC_FEF41599-6B58-5BDB-BB48-0E38230B7291

1-Click GitHub Token Stealing via VSCode Proof-of-Concept exploit for a critical VS Code zero-day vulnerability that allows attackers to steal GitH...

N/A N/A GITHUBEXPLOIT
MEDIUM 6.3 CVE-2026-35716

CVE-2026-35716_CVE-2026-35716

A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers t...

n/a n/a n/a CVE
HIGH 7.3 CVE-2026-30649

CVE-2026-30649_CVE-2026-30649

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component

n/a n/a n/a CVE
LOW 3.1 CVE-2026-8404

Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware_CVE-2026-8404

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match ...

djangoproject Django 6.0 CVE
LOW 3.1 CVE-2026-7666

Potential unencrypted email transmission via STARTTLS in the SMTP backend_CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent ...

djangoproject Django 6.0 CVE
LOW 3.1 CVE-2026-6873

Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie_CVE-2026-6873

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injectiv...

djangoproject Django 6.0 CVE
HIGH 8 CVE-2026-5241

Policy Bypass in LightGlue Nested Config Resolution in huggingface/transformers_CVE-2026-5241

A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to exe...

huggingface huggingface/transformers unspecified CVE
LOW 3.1 CVE-2026-48587

Potential exposure of private data via whitespace padding in Vary header_CVE-2026-48587

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading o...

djangoproject Django 6.0 CVE
MEDIUM 6.9 CVE-2026-47325

Weak password policy in ProjectsAndPrograms school-management-system_CVE-2026-47325

ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s da...

ProjectsAndPrograms school-management-system 6b6fae5 CVE