Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-55409: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in filamentphp filamentCVE-2026-55409 0 Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.53, a disabled RichEditor field rendered its raw state without sanitizing HTML. Where the data stored in this field's state isn't sanitized already when the form state was filled, an attacker could plant malicious HTML or JavaScript and achieve XSS that executes for users who view the form. This vulnerability is fixed in 3.3.53. Join the discussion | CVE Database V5 | 06/22/2026, 21:47:51 UTC Added: 06/22/2026, 22:09:29 UTC |
CVE-2026-48505: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in filamentphp filamentCVE-2026-48505 0 A race condition vulnerability exists in filamentphp's filament affecting versions from 4.0.0 up to but not including 4.11.5 and 5.6.5. The flaw allows reuse of app-based multi-factor authentication recovery codes via concurrent submissions, enabling multiple authenticated sessions per recovery code. This issue only applies when recovery codes are enabled and does not affect email-based MFA. The vulnerability is fixed in versions 4.11.5 and 5.6.5. Join the discussion | CVE Database V5 | 06/22/2026, 21:39:26 UTC Added: 06/22/2026, 22:09:29 UTC |
CVE-2026-48500: CWE-862: Missing Authorization in filamentphp filamentCVE-2026-48500 0 A missing authorization vulnerability in filamentphp's Filament allows unauthenticated attackers to upload arbitrary files to temporary storage via certain components that do not require file uploads, such as the panel login form. This can lead to resource exhaustion or increased storage costs. The issue affects versions from 3.0.0 up to but not including 3.3.52, 4.11.5, and 5.6.5, where it has been fixed. Join the discussion | CVE Database V5 | 06/22/2026, 21:41:17 UTC Added: 06/22/2026, 22:09:29 UTC |
CVE-2026-48167: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in filamentphp filamentCVE-2026-48167 0 FilamentPHP's filament package versions from 4.0.0 up to but not including 4.11.5, and from versions before 5.6.5, contain a stored cross-site scripting (XSS) vulnerability. The ImageColumn and ImageEntry components render raw database values without escaping HTML, allowing attackers to inject malicious scripts if input validation is insufficient. This vulnerability is fixed starting in versions 4.11.5 and 5.6.5. Join the discussion | CVE Database V5 | 06/22/2026, 21:43:42 UTC Added: 06/22/2026, 22:09:29 UTC |
CVE-2026-48166: CWE-208: Observable Timing Discrepancy in filamentphp filamentCVE-2026-48166 0 FilamentPHP filament versions from 4.0.0 up to but not including 4.11.5 and 5.6.5 contain a timing discrepancy vulnerability on the login page. This flaw allows unauthenticated attackers to enumerate registered email addresses by observing response time differences. The vulnerability only discloses account existence information and does not impact confidentiality, integrity, or availability beyond that. It is fixed starting from versions 4.11.5 and 5.6.5. Join the discussion | CVE Database V5 | 06/22/2026, 21:40:01 UTC Added: 06/22/2026, 22:09:29 UTC |
Showing 1 to 5 of 5 results