/

Threat Intelligence Feed

Aggregating 5812 articles from trusted cybersecurity sources

/
All General Vulnerability Disclosure CVE Campaigns Data Breach Malware Zero-Day Ransomware
LATEST CVEs
MED · CVE-2026-54236 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778 CVE-2026-54235 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation MED · CVE-2026-54233 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcrip HIGH · CVE-2026-54232 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulner CVE-2026-53923 vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation CRIT · CVE-2026-48746 vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in AS MED · CVE-2026-47155 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning contr HIGH · CVE-2026-41523 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security chec MED · CVE-2026-56698 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open optio MED · CVE-2026-56697 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNu MED · CVE-2026-56357 n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to CRIT · CVE-2026-56348 n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options end MED · CVE-2026-56326 Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo t HIGH · CVE-2026-56324 Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channel_self endpoint that allows attackers to c HIGH · CVE-2026-56323 Capgo before 12.128.2 contains an information disclosure vulnerability in the /functions/v1/channel_self endpoint that a MED · CVE-2026-56321 Capgo (backend Supabase edge functions) before 12.128.2 does not apply the global authentication middleware to the GET / HIGH · CVE-2026-56314 Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing d MED · CVE-2026-56311 Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.get_current_plan_max_org RPC function MED · CVE-2026-56306 Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypa HIGH · CVE-2026-56280 Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API HIGH · CVE-2026-56268 Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. HIGH · CVE-2026-56266 Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm e MED · CVE-2026-56255 Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticate MED · CVE-2026-56221 Cap-go before 12.128.2 contains multiple SQL injection vulnerabilities in cloudflare.ts where user-controlled values fro HIGH · CVE-2026-55409 Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.53, a disabl MED · CVE-2026-54911 UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dum CVE-2026-54281 Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.24, an authentication bypass v HIGH · CVE-2026-48517 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's typeless deseria HIGH · CVE-2026-48516 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, InterfaceLookupFormatter<TKey,TElemen HIGH · CVE-2026-48515 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's multi-dimensiona HIGH · CVE-2026-48514 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase<T>.Deserializ HIGH · CVE-2026-48513 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, runtime-generated union deserializers HIGH · CVE-2026-48512 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's JSON conversion HIGH · CVE-2026-48511 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, ExpandoObjectFormatter.Deserialize po HIGH · CVE-2026-48510 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses CRIT · CVE-2026-48509 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, the parameterless MessagePackInputFor HIGH · CVE-2026-48506 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursive HIGH · CVE-2026-48505 Filament is a collection of full-stack components for accelerated Laravel development. From 4.0.0 until 4.11.5 and 5.6.5 HIGH · CVE-2026-48502 MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can MED · CVE-2026-48500 Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.52, 4.11.5,
2486 General 710 Vulnerability Disclosure 649 CVE 461 Campaigns 330 Data Breach 305 Malware

Trending Vendors

Microsoft (686) Google (344) Amazon (238) Intel (184) Apple (149) Cisco (126) Linux (120) GitHub (105) Palo Alto Networks (103) Oracle (70) WordPress (59) Check Point (49) Cloudflare (42) Fortinet (41) Rapid7 (35)

Latest News

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA