Threat Alerts

Real-time critical CVE alerts, security advisories, and vulnerability intelligence — curated by the Vulnios Threat Intelligence team.

500 Critical
0 High
500 Total Alerts
Follow on TelegramSubscribe via RSS
Filter:
500 alerts
criticalOSINT Alert
CVE-2024-11053CVE-2024-8096CVE-2026-10536

USN-8525-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP redirects in conjunction with .netrc files. An attacker could possibly use this issue to obtain sensitive inform

Ubuntu· edge
ubuntulinuxpatch
Jul 9 · 10:53 PM
Read analysis
criticalVendor Advisory
CVE-2026-47254CVE-2026-47709CVE-2026-47714

USN-8526-1: libheif vulnerabilities

Xianrui Dong discovered that libheif had an out-of-bounds read in its HEIF sequence track parser. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information

Ubuntu
ubuntulinuxpatch
Jul 9 · 10:53 PM
Read analysis
criticalVendor Advisory

Chrome Beta for Desktop Update

Google Chrome Releases published an advisory on "Chrome Beta for Desktop Update". Topic areas: google, chrome, browser, patch. Published July 9, 2026. See the original source linked under References f

Google· Chrome
googlechromebrowser
Jul 9 · 10:17 PM
Read analysis
criticalVendor Advisory
CVE-2026-2369CVE-2026-5119

USN-8523-1: libsoup vulnerabilities

Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-length resources. An attacker could possibly use this issue to trigger a buffer over-read, resulting in informa

Ubuntu
ubuntulinuxpatch
Jul 9 · 8:45 PM
Read analysis
criticalOSINT Alert

USN-8524-1: Python vulnerability

It was discovered that Python did not use sufficient entropy for Expat hash-flooding protection in the xml.parsers.expat and xml.etree.ElementTree modules. An attacker could use this to cause a denial

ubuntulinuxpatch
Jul 9 · 6:39 PM
Read analysis
criticalVendor Advisory
CVE-2026-5342CVE-2026-20884CVE-2026-20889

USN-8522-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled certain Nikon RAW image files. An attacker could possibly use this issue to cause LibRaw to crash, resulting in a denial of service. (CVE-2026-5342) I

Ubuntu
ubuntulinuxpatch
Jul 9 · 4:32 PM
Read analysis
criticalVendor Advisory

USN-8521-1: Libidn vulnerability

It was discovered that Libidn incorrectly handled certain internationalized domain name strings. An attacker could possibly use this issue to obtain sensitive information or cause a denial of service.

ubuntulinuxpatch
Jul 9 · 4:32 PM
Read analysis
criticalOSINT Alert

USN-8520-1: Expat vulnerability

It was discovered that Expat used insufficient entropy when generating hash salt values for its internal hash table. An attacker could use this to craft an XML document that triggers hash flooding, le

ubuntulinuxpatch
Jul 9 · 4:32 PM
Read analysis
criticalOSINT Alert

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware

GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational platform. This blog analyzes how the malware incorporates code from several

Microsoft
microsoftthreat-intelapt
Jul 9 · 4:13 PM
Read analysis
criticalVendor Advisory

Chrome Beta for iOS Update

Google Chrome Releases published an advisory on "Chrome Beta for iOS Update". Topic areas: google, chrome, browser, patch. Published July 9, 2026. See the original source linked under References for t

Google· Chrome
googlechromebrowser
Jul 9 · 4:13 PM
Read analysis
criticalVendor Advisory

Chrome Beta for Android Update

Google Chrome Releases published an advisory on "Chrome Beta for Android Update". Topic areas: google, chrome, browser, patch. Published July 9, 2026. See the original source linked under References f

Google· Chrome
googlechromebrowser
Jul 9 · 4:13 PM
Read analysis
criticalVendor Advisory
CVE-2025-47913CVE-2025-22869

USN-8519-1: Go Cryptography vulnerabilities

Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. An attacker could use this to cause a denial of service. (CVE-2025-47913) Yuichi Watanabe discov

ubuntulinuxpatch
Jul 9 · 2:24 PM
Read analysis

Protect Your Organization

Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.