/

Threat Intelligence Feed

Aggregating 2264 articles from trusted cybersecurity sources

/
All General CVE Vulnerability Disclosure Campaigns Malware Data Breach Ransomware Zero-Day
LATEST CVEs
HIGH · CVE-2026-44513 Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPip HIGH · CVE-2026-44511 Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies wer CVE-2026-44348 PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_ha MED · CVE-2026-44312 css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allo CRIT · CVE-2026-42555 Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32 HIGH · CVE-2026-20224 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, MED · CVE-2026-20210 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, r MED · CVE-2026-20209 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, r CRIT · CVE-2026-20182 May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fi CVE-2025-62317 HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive CVE-2025-62316 HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured MED · CVE-2025-62313 HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This m CVE-2025-62312 HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic autho MED · CVE-2025-62311 HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. Th MED · CVE-2025-62310 HCL AION is affected by a vulnerability where encryption is not enforced for certain data transmissions or operations. T CVE-2025-62309 HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may MED · CVE-2025-62308 HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such MED · CVE-2025-62305 HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resul CVE-2026-44504 Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared CVE-2026-44503 The RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and othe MED · CVE-2026-44501 DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserialize MED · CVE-2026-42597 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/c CRIT · CVE-2026-42596 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's d HIGH · CVE-2026-42595 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint (/f HIGH · CVE-2026-42594 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine th MED · CVE-2026-42593 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, pdfengines/merge, pdfengines/split, libreoff MED · CVE-2026-42592 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, che HIGH · CVE-2026-42591 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint (/forms/ HIGH · CVE-2026-42590 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Got CRIT · CVE-2026-42589 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HIGH · CVE-2026-42283 DevSpace is a client-only developer tool for cloud-native development with Kubernetes. Prior to 6.3.21, DevSpace's UI se CVE-2026-42281 MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Fo CVE-2026-42159 Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and veri HIGH · CVE-2026-40893 Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly CVE-2026-44484 PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introdu CRIT · CVE-2026-44482 soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8 HIGH · CVE-2026-44375 Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack MED · CVE-2026-44374 Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints CVE-2026-44371 Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted CVE-2026-44308 Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pp
961 General 328 CVE 298 Vulnerability Disclosure 150 Campaigns 105 Malware 104 Data Breach

Trending Vendors

Microsoft (224) Google (153) Amazon (94) Intel (67) Palo Alto Networks (64) Apple (62) Cisco (62) Linux (62) GitHub (20) Check Point (18) Cloudflare (18) Oracle (18) Trend Micro (18) Rapid7 (17) WordPress (15)

Latest News

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA