/

Threat Intelligence Feed

Aggregating 3582 articles from trusted cybersecurity sources

/
All General Vulnerability Disclosure CVE Campaigns Data Breach Malware Ransomware Zero-Day
LATEST CVEs
HIGH · CVE-2026-49371 In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible CVE-2026-49370 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests MED · CVE-2026-49369 In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on Users and Groups pages HIGH · CVE-2026-49368 In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible HIGH · CVE-2026-49367 In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account HIGH · CVE-2026-49366 In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion MED · CVE-2026-47745 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, the admin tables for PaymentMethods, Currencies and Carrie CRIT · CVE-2026-47744 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings al MED · CVE-2026-47742 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (E MED · CVE-2026-47741 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the HIGH · CVE-2026-47740 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Or HIGH · CVE-2026-46372 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode MED · CVE-2026-46344 liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prio CVE-2026-44652 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode CVE-2026-44651 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode CRIT · CVE-2026-44650 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode CRIT · CVE-2026-44649 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode HIGH · CVE-2026-44648 SillyTavern is a locally installed user interface that allows users to interact with text generation large language mode MED · CVE-2026-44611 Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is su MED · CVE-2026-44518 liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prio MED · CVE-2026-42951 An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes accoun HIGH · CVE-2026-42941 The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password c HIGH · CVE-2026-42929 Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials. MED · CVE-2026-40425 The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive file CRIT · CVE-2026-7786 Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintex HIGH · CVE-2026-6824 A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitiza HIGH · CVE-2026-5768 The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing p CRIT · CVE-2026-5386 The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an HIGH · CVE-2026-47179 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.Ge HIGH · CVE-2026-47125 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/envi CVE-2026-45668 Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bas CRIT · CVE-2026-45661 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerab MED · CVE-2026-45660 Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.22 and 6.18.1, the Glide image prox CRIT · CVE-2026-45633 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.6 and earlier, Dokploy contains a command injecti CRIT · CVE-2026-45632 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enfor CRIT · CVE-2026-45631 Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SEC CRIT · CVE-2026-45630 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection CRIT · CVE-2026-45629 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection CRIT · CVE-2026-45628 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands HIGH · CVE-2026-45627 Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticat
1491 General 459 Vulnerability Disclosure 440 CVE 266 Campaigns 202 Data Breach 183 Malware

Trending Vendors

Microsoft (414) Google (206) Amazon (151) Intel (100) Apple (99) Linux (91) Cisco (82) GitHub (76) Palo Alto Networks (72) Oracle (36) Cloudflare (25) Rapid7 (25) Check Point (23) F5 (23) Trend Micro (22)

Latest News

CSO Online General

CISOs step into the AI spotlight

Serving in the military requires a precise, tactical mindset, and that’s exactly what Barry Hensley espoused during his 24 years in the US Army, where he ros...

CSO Online →

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA