Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

141 New today

59,310 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

202

May 22

May 23

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

Jun 4

Critical

High

Medium

Low

Latest

CVE CVSS 3.7

Header injection via WebSocket upgrade parser differential allows ASGI scope header spoofing_CVE-2026-44546

daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and ...

CVE-2026-44546 djangoproject daphne 4.2.0

Jun 3, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-44545	Unbounded WebSocket message and frame sizes can cause unauthenticated remote denial of service_CVE-2026-44545 daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both ...	djangoproject	daphne 4.2.0	Jun 3, 2026	CVE
LOW 3.1	CVE-2026-35193	Potential exposure of private data via missing Vary: Authorization in UpdateCacheMiddleware_CVE-2026-35193 An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `A...	djangoproject	Django 6.0	Jun 3, 2026	CVE
LOW 1.2	CVE-2026-10729	HTML injection in the notification email for “Slow Redirect” and “Cloned Website” Canarytokens_CVE-2026-10729 An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research ...	Thinkst Applied Research	Canarytokens sha-c42435e	Jun 3, 2026	CVE
HIGH 10	2D33D81A-E898-	Exploit for Improper Access Control in Proftpd_2D33D81A-E898-5537-AD2E-9F2BC986C1A4 OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-World Simulation: FTP Service Exploitation ProFTPD CVE-2015-3306 Real-World Simulation...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
CRITICAL 10	93A59886-B99C-	Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware_93A59886-B99C-532C-9C2C-E718BDD5A455 No description provided...	N/A	N/A	Jun 3, 2026	GITHUBEXPLOIT
NONE	HACKREAD:93443D...	China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware_HACKREAD:93443D81D99E6FE7DD468FCD1243129A Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits theme...	N/A	N/A	Jun 3, 2026	HACKREAD
NONE	MALWAREBYTES:F8...	Keep getting calls from questionable numbers? Meet Scam Number Check_MALWAREBYTES:F86523D3C4E39D1DC663BAAB70640D79 Have you ever gotten a phone call and had a gut feeling that those random digits looked extra suspicious? It happens to millions of people every da...	N/A	N/A	Jun 3, 2026	MALWAREBYTES
HIGH 8.8	THN:280C3ABDE44...	Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)_THN:280C3ABDE4442D135F19D04EF30131D6 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTV6zPqD9KC3Rc5Mz9c8XENLiJntboDT6LIoD3L2FXlTUVC3rsWZ_3YLfe_jmhhyphenhyphenjb5RCwkTsd...	N/A	N/A	Jun 3, 2026	THN
NONE	THN:85408B68817...	One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens_THN:85408B688171B629462ECA4B4523594A ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeHvqmNHvAhdxgoBLbfFWsFBMdvH5SbJovunxx8AYHRkq7HOQ2l6I_ZaJGi_PF5WHKOlHEQHK4HyPBhmzOpY...	N/A	N/A	Jun 3, 2026	THN

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Header injection via WebSocket upgrade parser differential allows ASGI scope header spoofing_CVE-2026-44546

Recent Advisories

Unbounded WebSocket message and frame sizes can cause unauthenticated remote denial of service_CVE-2026-44545

Potential exposure of private data via missing Vary: Authorization in UpdateCacheMiddleware_CVE-2026-35193

HTML injection in the notification email for “Slow Redirect” and “Cloned Website” Canarytokens_CVE-2026-10729

Exploit for Improper Access Control in Proftpd_2D33D81A-E898-5537-AD2E-9F2BC986C1A4

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware_93A59886-B99C-532C-9C2C-E718BDD5A455

China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware_HACKREAD:93443D81D99E6FE7DD468FCD1243129A

Keep getting calls from questionable numbers? Meet Scam Number Check_MALWAREBYTES:F86523D3C4E39D1DC663BAAB70640D79

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)_THN:280C3ABDE4442D135F19D04EF30131D6

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens_THN:85408B688171B629462ECA4B4523594A

Protect Your Attack Surface with RedGem

Security Intelligence
Feed