/

Threat Intelligence Feed

Aggregating 6471 articles from trusted cybersecurity sources

/
All General Vulnerability Disclosure CVE Campaigns Data Breach Malware Ransomware Zero-Day
LATEST CVEs
HIGH · CVE-2026-8023 Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, ava HIGH · CVE-2026-7656 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) use MED · CVE-2026-51219 A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows MED · CVE-2026-51218 A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows at MED · CVE-2026-10648 mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of sm MED · CVE-2026-57997 Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not exp HIGH · CVE-2026-51221 A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a D HIGH · CVE-2026-34592 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta. MED · CVE-2026-10647 The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() HIGH · CVE-2026-55957 Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate MED · CVE-2026-55956 Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ig MED · CVE-2026-55955 Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the CRIT · CVE-2026-55276 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisa CRIT · CVE-2026-53434 Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connect HIGH · CVE-2026-53404 Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first cond MED · CVE-2026-50229 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example HIGH · CVE-2026-41896 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta. HIGH · CVE-2026-34597 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta. HIGH · CVE-2026-34594 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta. CVE-2026-13758 CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt HIGH · CVE-2026-57919 PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DA CRIT · CVE-2026-57498 Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta. HIGH · CVE-2026-56018 JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory HIGH · CVE-2026-56017 JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful t CVE-2026-54889 Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scri CVE-2026-54888 Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex CVE-2026-53429 Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex_native allows an attacker wh CVE-2026-53426 Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx. MED · CVE-2026-43746 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a MED · CVE-2026-43745 An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26. MED · CVE-2026-43743 A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS MED · CVE-2026-43742 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a MED · CVE-2026-43740 The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5. HIGH · CVE-2026-43735 The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS MED · CVE-2026-43734 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a MED · CVE-2026-43732 A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadO HIGH · CVE-2026-43731 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a MED · CVE-2026-43727 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a MED · CVE-2026-43726 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a HIGH · CVE-2026-43725 The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5
2796 General 758 Vulnerability Disclosure 747 CVE 517 Campaigns 362 Data Breach 333 Malware

Trending Vendors

Microsoft (751) Google (371) Amazon (264) Intel (211) Apple (176) Cisco (141) Linux (134) GitHub (113) Palo Alto Networks (107) Oracle (89) WordPress (59) Check Point (51) Cloudflare (45) Fortinet (44) Rapid7 (37)

Latest News

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA