Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-15105: Deserialization in davenardella snap7CVE-2026-15105
0

CVE-2026-15105 is a medium severity vulnerability in davenardella snap7 versions 1.4.0 through 1.4.3. It involves a deserialization flaw in the TS7Worker::PerformFunctionRead function within the ReadVar Request Handler component. Exploitation requires local network access. Although an exploit has been published, the vendor has not yet responded or provided a fix.

Join the discussion
3 Things I wish I knew before jumping into Incident Response
0

This content is an article discussing personal insights and challenges related to working in cybersecurity incident response (IR). It highlights the high stress levels, the non-technical aspects such as organizational politics and communication, and the critical nature of IR roles in protecting organizations. The article does not describe a specific security vulnerability, exploit, or breach event.

Join the discussion
ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
0

The provided information references an ISC Stormcast podcast episode dated July 9th, 2026, from the SANS Internet Storm Center. No specific vulnerability details, technical information, or affected software versions are provided in the source content. The entry does not describe a concrete security threat or vulnerability.

MediumVulnerability
Join the discussion
_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)
0

A scanning and brute-force botnet, self-identified as a 'performance piece' originating from Belarus, sends HTTP requests containing a plea for help in the URL path. It scans random IP addresses for open HTTP (ports 80, 8000, 8080) and SSH (ports 22, 2222) ports, performing simple reconnaissance and attempting SSH brute force with a small fixed list of default credentials. The bot claims no persistence, no command-and-control, and self-terminates after about six months. Despite the stated intent, the bot poses a security risk to hosts with weak or default SSH credentials.

MediumVulnerability
Join the discussion
CVE-2026-15138: Path Traversal in tumf mcp-text-editorCVE-2026-15138
0

CVE-2026-15138 is a medium severity path traversal vulnerability in the tumf mcp-text-editor affecting versions 1.0.0, 1.0.1, and 1.0.2. The issue exists in the _validate_file_path function of the mcp_text_editor/text_editor.py file, allowing remote attackers to manipulate file_path arguments to perform path traversal. The vulnerability has been publicly disclosed, but no official patch or remediation has been provided by the vendor, who closed the related GitHub issue without explanation.

Join the discussion
CVE-2026-25262 Write-What-Where in Qualcomm Sahara confirmed on Snapdragon 8 Gen 1 (SM8450) – partial Firehose auth bypassCVE-2026-25262
0

CVE-2026-25262 is a write-what-where vulnerability in the Qualcomm Sahara protocol confirmed experimentally on the Snapdragon 8 Gen 1 (SM8450) platform. The vulnerability allows arbitrary writes to SRAM during the Sahara handshake, bypassing signature verification and partially bypassing Firehose loader authorization. While the loader executes and responds to commands without authorization errors, full UFS storage access has not yet been achieved. The vulnerability was previously known to affect only legacy 32-bit Qualcomm platforms, but this research extends its applicability to modern 64-bit ARMv9 SoCs. Further investigation is ongoing to achieve full Firehose initialization and understand TrustZone dependencies. No official patch or remediation guidance is currently available.

Join the discussion
PSA: PAN-OS authenticated command injection in the CLI (CVE-2026-0286) - patches out for 12.1, 11.2, 11.1, 10.2CVE-2026-0286
0

CVE-2026-0286 is an authenticated command injection vulnerability in the PAN-OS CLI. An attacker with administrative CLI access can execute arbitrary commands on the underlying system by escaping the CLI environment. The issue affects PAN-OS versions prior to 12.1.8, 11.2.13, 11.1.16, and 10.2.18-h8. Cloud NGFW services are not affected. Palo Alto Networks has released patches for these versions. A temporary mitigation is available via Threat Prevention subscription with Threat ID 510036, but it requires inbound management traffic decryption and is not a full fix. Patching is the recommended remediation.

Join the discussion
CVE-2026-15137: SQL Injection in code-projects Interview Management SystemCVE-2026-15137
0

CVE-2026-15137 is a SQL injection vulnerability in code-projects Interview Management System version 1.0. The vulnerability exists in the file \inc\classes\View.php due to improper handling of the argument ID, allowing remote attackers to manipulate SQL queries. The exploit code has been publicly disclosed. The vulnerability has a medium severity rating with a CVSS score of 6.9.

Join the discussion
ThreatFox IOCs for 2026-07-08
0

ThreatFox IOCs for 2026-07-08

Join the discussion
CVE-2026-15134: SQL Injection in CodeAstro Simple Online Leave Management SystemCVE-2026-15134
0

CodeAstro Simple Online Leave Management System version 1.0 contains a SQL injection vulnerability in the /SimpleOnlineLeave/index.php file. The vulnerability arises from improper handling of the 'email' argument, allowing remote attackers to manipulate SQL queries. This issue has been publicly disclosed and carries a medium severity rating with a CVSS score of 6.9.

Join the discussion

Showing 1 to 10 of 10506 results

Page 1 of 1051
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses