| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-47176 | Quest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channel | duck-organization | quest-bot | - | - | 2026-06-11 18:29:56 | Deep Dive |
| CVE-2026-47175 | Quest Bot: Moderation reason fields allow bot-powered `@everyone` / `@here` pings | duck-organization | quest-bot | - | - | 2026-06-11 18:29:43 | Deep Dive |
| CVE-2026-47173 | Quest Bot: Ticket reason allows mass-mention injection | duck-organization | quest-bot | - | - | 2026-06-11 18:29:32 | Deep Dive |
| CVE-2026-47172 | Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment. | duck-organization | quest-bot | - | - | 2026-06-11 18:28:53 | Deep Dive |
| CVE-2026-47171 | Quest Bot: Reminder messages allow stored mass mentions through `@everyone` and `@here` | duck-organization | quest-bot | - | - | 2026-06-11 18:28:08 | Deep Dive |
| CVE-2026-47163 | Quest Bot: Unprivileged users can create and remove AutoMod rules. | duck-organization | quest-bot | - | - | 2026-06-11 18:27:41 | Deep Dive |
| CVE-2026-47169 | Quest Bot: Manage Server users can configure AutoRole to grant Administrator to controlled joining accounts | duck-organization | quest-bot | - | - | 2026-06-11 18:25:33 | Deep Dive |
| CVE-2026-45178 | Idira Secrets Manager Self-Hosted: Improper Access Control in Internal Cluster Endpoints | CyberArk Software, a Palo Alto Networks Company | Conjur Enterprise | - | - | 2026-06-11 18:19:08 | Deep Dive |
| CVE-2026-53702 | Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-06-11 18:15:39 | Deep Dive |
| CVE-2026-53701 | Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds write in h.266/vvc pps picture partition parser | Red Hat | Red Hat Enterprise Linux 10 | Medium | 6.5 | 2026-06-11 18:15:30 | Deep Dive |
| CVE-2026-11774 | 389-ds-base: 389-ds-base: integer overflow in sasl packet length bypasses size limit leading to heap buffer overflow | Red Hat | Red Hat Directory Server 11 | High | 7.6 | 2026-06-11 17:54:35 | Deep Dive |
| CVE-2026-48546🧪 | KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs | lingdojo | kana-dojo | High | 7.3 | 2026-06-11 17:53:32 | Deep Dive |
| CVE-2026-47157 | aiograpi: Unsafe signup challenge path handling | subzeroid | aiograpi | Medium | 6.5 | 2026-06-11 17:18:21 | Deep Dive |
| CVE-2026-46697🧪 | Fediverse Embeds: Unauthenticated SSRF / open proxy via REST media-proxy endpoint | stefanbohacek | fediverse-embeds-wordpress-plugin | High | 7.5 | 2026-06-11 17:16:04 | Deep Dive |
| CVE-2026-46698 | Fediverse Embeds: Public-nonce SSRF via ftf_get_site_info AJAX action | stefanbohacek | fediverse-embeds-wordpress-plugin | Medium | 5.3 | 2026-06-11 17:15:53 | Deep Dive |
| CVE-2026-49261 | MariaDB server has unsafe parameter handling in `wsrep_notify_cmd` | MariaDB | server | Critical | 10.0 | 2026-06-11 17:13:21 | Deep Dive |
| CVE-2026-3329 | Nexus Repository Manager - Improper Restriction of Excessive Authentication Attempts | Sonatype | Nexus Repository Manager | - | - | 2026-06-11 17:00:12 | Deep Dive |
| CVE-2026-11986 | Keycloak-rest-admin-ui-ext: authorization bypass vulnerability in the admin-ui-ext bulk role-mapping-delete endpoints of keycloak | Red Hat | Red Hat Build of Keycloak | Medium | 4.9 | 2026-06-11 16:47:12 | Deep Dive |
| CVE-2026-11945 | PostgreSQL Anonymizer: SQL injection in the rules import functions | DALIBO | PostgreSQL Anonymizer | Medium | 6.4 | 2026-06-11 15:53:24 | Deep Dive |
| CVE-2026-49982🧪 | tmp: Type-confusion bypass of _assertPath in tmp@0.2.6 allows path traversal via non-string prefix/postfix/template | raszi | node-tmp | High | 8.2 | 2026-06-11 15:45:01 | Deep Dive |