LIVE THREAT INTELLIGENCE

Mobile
Security
Intelligence.

Real-time vulnerability tracking, technical analysis, and threat intelligence focused on Android, iOS, and mobile-first infrastructure.

View Threat Feed → Get Weekly Digest
8
CRITICAL
24
HIGH
1
EXPLOITED ITW
52
TRACKED
cypherbyte-feed — live@0.0.0.0
[SYS] CypherByte Intel Feed v2.6 — initializing...
[SYS] Connecting to NVD · Exploit-DB · GitHub Advisory
[FEED] 52 vulnerabilities loaded
HIGH
CVE-2026-6351 — MailGates/MailAudit developed by Openf…
CRIT
CVE-2026-6350 — MailGates/MailAudit developed by Openf…
CRIT
CVE-2026-40504 — Creolabs Gravity before 0.9.6 contains…
HIGH
CVE-2026-40960 — Luanti 5 before 5.15.2 sometimes allow…
HIGH
CVE-2026-40502 — OpenHarness prior to commit dd1d235 co…
$ _
Android Security
Kernel, framework, app layer
Mobile Pentesting
iOS & Android assessment
Exploit Research
CVE analysis & PoC review
Threat Intel
Actor tracking & IOCs
// LATEST ADVISORIES

Recent Vulnerabilities

View all 52 →
HIGH MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, al
Cross-platform
CRITICAL MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vuln
Cross-platform
CRITICAL Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in t
Cross-platform
HIGH Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environ
Cross-platform
HIGH OpenHarness prior to commit dd1d235 contains a command injection vulnerability t
Cross-platform
// INTELLIGENCE REPORTS

Latest Research

All reports →
CVE Analysis 8 min

CVE-2026-6351: CRLF Injection to LFI in Openfind MailGates/MailAudit

Unauthenticated CRLF injection in Openfind MailGates/MailAudit allows arbitrary system file read via HTTP response splitting. No authentication required.

#crlf-injection#mail-gateway#arbitrary-file-read
CVE Analysis 8 min

CVE-2026-6350: Openfind MailGates Stack Buffer Overflow → Unauthenticated RCE

A stack-based buffer overflow in Openfind MailGates/MailAudit allows unauthenticated remote attackers to corrupt the stack frame and achieve arbitrary code execution. CVSS 9.8, no authentication required.

#stack-based-buffer-overflow#remote-code-execution#unauthenticated-attack
CVE Analysis 9 min

CVE-2026-40504: Heap Overflow in Gravity VM Fiber Reassignment Enables RCE

A heap buffer overflow in gravity_fiber_reassign() allows attackers to corrupt heap metadata via crafted scripts with excessive global string literals, achieving arbitrary code execution in any application embedding Gravity before 0.9.6.

#heap-buffer-overflow#arbitrary-code-execution#bounds-checking
newsletter-signup — weekly intel digest
// SUBSCRIBE

Weekly Mobile Security Digest

Every Friday — the most critical mobile vulnerabilities, threat actor activity, and security research. No noise. No marketing. Just intelligence.

No spam. Unsubscribe anytime. ~500 words per edition.