Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
GHSA-wmhf-fqc8-vxhh: SQLFluff: Recursive Stack Overflow in ParserCVE-2026-46373 0 SQLFluff versions prior to 4.1.0 contain a recursive stack overflow vulnerability in the parser component. This flaw allows an attacker who can submit SQL queries for linting to cause a denial of service by crafting queries with excessive nesting, leading to resource exhaustion. Versions 4.1.0 and later include a configurable recursion limit enabled by default to mitigate this issue. Join the discussion | GCVE Database | 05/19/2026, 20:10:17 UTC Added: 07/07/2026, 01:17:12 UTC |
GHSA-73jc-5mrq-prw7: SQLFluff: Uncontrolled Resource Consumption in SQLFluff ParserCVE-2026-46374 0 SQLFluff versions prior to 4.2.0 are vulnerable to uncontrolled resource consumption in its SQL parser. This vulnerability allows an untrusted user to submit a maliciously long SQL query to trigger a denial of service (DoS) by exhausting system resources. The issue is addressed in version 4.2.0 and later by introducing a configurable parse node limit enabled by default. No known exploits are reported in the wild. Join the discussion | GCVE Database | 05/19/2026, 20:10:53 UTC Added: 07/07/2026, 01:17:12 UTC |
5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management 0 This content is an analytical report summarizing Frost & Sullivan’s 2025 Frost Radar insights on the evolution of Cloud Security Posture Management (CSPM). It highlights CSPM's transition from periodic compliance checks to continuous risk-based governance integrated within Cloud Native Application Protection Platforms (CNAPPs). The report emphasizes trends such as integrated posture management, risk prioritization, code-to-cloud visibility, platform consolidation, and AI-driven enhancements in CSPM. It does not describe a specific security vulnerability or exploit. MediumVulnerability Join the discussion | Microsoft Security Blog | 07/06/2026, 16:00:00 UTC Added: 07/07/2026, 01:01:13 UTC |
ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th) 0 The ISC Stormcast for July 6th, 2026, is a daily threat intelligence podcast update from the SANS Internet Storm Center. The provided information does not describe a specific vulnerability or security threat but rather references a general threat intelligence resource. MediumVulnerability Join the discussion | SANS ISC Handlers Diary | 07/06/2026, 11:36:06 UTC Added: 07/07/2026, 01:00:34 UTC |
RCS and DNS: The NAPTR Record, (Mon, Jul 6th) 0 This report discusses the use of DNS NAPTR records in the context of RCS (Rich Communication Services), a modern messaging protocol increasingly adopted on iOS and Android. NAPTR records are used to locate SIP servers for RCS message transport, enabling secure SIP over TLS with TCP. The report notes that while NAPTR records can include regular expressions for rewriting domain names, in current RCS usage these expressions are empty and the records primarily direct to SRV records. There is no indication of active exploitation or vulnerabilities in the NAPTR usage described. Join the discussion | SANS ISC Handlers Diary | 07/06/2026, 13:35:58 UTC Added: 07/07/2026, 01:00:34 UTC |
Cavern Manticore: Exposing Iran-Linked Modular C2 Framework 0 Since early 2026, Check Point Research has tracked Cavern Manticore, an Iran-linked APT group using a new modular command-and-control (C2) framework. This threat actor primarily targets Israeli organizations, focusing on IT providers and government sectors. Cavern Manticore is linked to Iran's Ministry of Intelligence and Security (MOIS) and has connections to the OilRig group. The framework is modular, indicating flexible and potentially evolving capabilities. No specific affected software versions or exploits in the wild have been reported. The threat is assessed as medium severity based on available information. MediumVulnerability Join the discussion | Check Point Research | 07/06/2026, 12:25:02 UTC Added: 07/07/2026, 00:59:45 UTC |
Windows Defender (MsMpEng.exe) - Race Condition 0 A race condition vulnerability exists in Windows Defender Antivirus (MsMpEng.exe) between the cleanup routine and Volume Shadow Copy creation. Exploitation can lead to local privilege escalation to SYSTEM, cause Windows Defender to crash, and leave the system unprotected for the session. The exploit leverages fake ISO mounting and real-time priority escalation to outpace Defender's cleanup process. No patch or official remediation information is provided. Join the discussion | Exploit-DB RSS Feed | 07/06/2026, 00:00:00 UTC Added: 07/07/2026, 00:58:53 UTC |
KNX visualisering - Broken Access Control 0 KNX visualisering is affected by a broken access control vulnerability that allows unauthorized access or actions. This issue affects Windows and Linux platforms and has publicly available exploit code written in Perl. No specific affected versions or patch information are provided. Join the discussion | Exploit-DB RSS Feed | 07/06/2026, 00:00:00 UTC Added: 07/07/2026, 00:58:53 UTC |
Joomla Extension 4.1.4 - PHP Object injection 0 A PHP Object Injection vulnerability exists in Joomla Extension version 4.1.4. This vulnerability allows an attacker to inject malicious PHP objects, potentially leading to unauthorized code execution or other impacts depending on the application context. Exploit code is publicly available in Python. Join the discussion | Exploit-DB RSS Feed | 07/06/2026, 00:00:00 UTC Added: 07/07/2026, 00:58:53 UTC |
Le site pechotonbac.fr est-il un faux site de résultats du bac ? Mon navigateur le bloque en phishing 0 The website pechotonbac.fr is reported as a potential phishing site that claims to provide access to baccalaureate exam results. Users attempting to visit the site receive browser warnings indicating phishing activity. There is no confirmed exploit or detailed technical analysis available. The report originates from a Reddit cybersecurity discussion seeking information about the site's legitimacy. Join the discussion | Reddit Cybersecurity | 07/06/2026, 23:54:42 UTC Added: 07/07/2026, 00:21:23 UTC |
Showing 1 to 10 of 10287 results