Threat Intelligence Feed

Aggregating 6806 articles from trusted cybersecurity sources

LATEST CVEs
MED · CVE-2026-58523 Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over CVE-2026-14617 A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function Gatewa MED · CVE-2026-58597 Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to pe MED · CVE-2026-58524 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) MED · CVE-2026-58522 Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. CRIT · CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state w HIGH · CVE-2026-58424 Permanent Fork PR Workflow Approval Gate Bypass HIGH · CVE-2026-58423 LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories CVE-2026-58422 Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts CVE-2026-58421 Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service CVE-2026-58419 Notification API leaks private issue metadata after access revocation MED · CVE-2026-58418 SSRF via HTTP Redirect in Repository Migration MED · CVE-2026-58300 Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. HIGH · CVE-2026-58299 Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execu HIGH · CVE-2026-58298 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) HIGH · CVE-2026-58297 Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized a HIGH · CVE-2026-58296 Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized a HIGH · CVE-2026-58295 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized HIGH · CVE-2026-58294 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-58293 External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code HIGH · CVE-2026-58292 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a netw MED · CVE-2026-58291 Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker t HIGH · CVE-2026-58290 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized CRIT · CVE-2026-58289 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized HIGH · CVE-2026-58288 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-58287 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-58286 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a ne HIGH · CVE-2026-58285 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized HIGH · CVE-2026-58284 Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network HIGH · CVE-2026-58283 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized HIGH · CVE-2026-58282 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a ne MED · CVE-2026-58278 Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofin HIGH · CVE-2026-58276 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-57993 Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofin HIGH · CVE-2026-57992 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-57991 Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized HIGH · CVE-2026-57988 Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a networ MED · CVE-2026-57987 Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofin HIGH · CVE-2026-57986 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. HIGH · CVE-2026-57985 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a netw
2949 General 797 Vulnerability Disclosure 770 CVE 545 Campaigns 374 Data Breach 352 Malware

Trending Vendors

Latest News

HTTPS by default

One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. T...

Google Security Blog →

Data Breaches