Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-57828: CWE-434: Unrestricted Upload of File with Dangerous Type in phoca.cz phoca.cz Phoca Download extension for JoomlaCVE-2026-57828
0

The Phoca Download extension for Joomla contains a critical vulnerability (CVE-2026-57828) that allows authenticated users to upload executable files without restriction. This arbitrary file upload flaw can lead to full remote code execution (RCE) on affected systems. The vulnerability affects versions 1.0 through 6.1.2 of the extension. No official patch or remediation guidance is currently provided by the vendor. The vulnerability has a high CVSS 4.0 score of 9.0, indicating critical severity.

Join the discussion
CVE-2026-57827: CWE-434: Unrestricted Upload of File with Dangerous Type in rsjoomla.com rsjoomla.com RSFiles extension for JoomlaCVE-2026-57827
0

The rsjoomla.com RSFiles extension for Joomla contains a critical vulnerability (CVE-2026-57827) that allows unauthenticated attackers to upload arbitrary executable files. This unrestricted file upload leads to full remote code execution (RCE) on affected systems. The vulnerability affects versions 1.0 through 1.17.11 of the RSFiles extension. No official patch or remediation guidance is currently available from the vendor. The vulnerability has a maximum CVSS 4.0 score of 10.0, indicating critical severity.

Join the discussion
Precision Vs Accuracy
0

This content discusses the distinction between precision and accuracy metrics in Security Operations Center (SOC) detections. Precision measures how often alerts generated by a detection are correct, reflecting the practical workload on analysts. Accuracy measures how often the detection is correct overall, including true negatives and false negatives, but requires more comprehensive data that many SOCs lack. The article cautions against overreliance on accuracy metrics without proper data and suggests precision as a more honest starting point for evaluating detection quality.

Join the discussion
Loop with Unreachable Exit Condition in GNU patchCVE-2026-56289
0

CVE-2026-56289 is a vulnerability identified as a loop with an unreachable exit condition in GNU patch version 3.0. This issue relates to a software defect where a loop may never terminate due to its exit condition being unreachable. No CVSS score or detailed impact information is provided. There are no known exploits in the wild and no patch or remediation details have been disclosed.

Join the discussion
NULL Pointer Dereference in GNU patchCVE-2026-56288
0

CVE-2026-56288 is a NULL pointer dereference vulnerability identified in GNU patch version 3.0. This type of vulnerability can cause the affected software to crash or behave unexpectedly when it attempts to access memory through a NULL pointer. The information provided does not include details on exploitation methods or impact beyond the dereference issue. No patch or remediation information is currently available from the vendor advisory. There is no evidence of known exploits in the wild at this time.

Join the discussion
Security update for libexifCVE-2026-32775
0

This security update for libexif addresses three vulnerabilities involving integer overflow and underflow in the handling and decoding of MakerNotes, specifically affecting Nikon MakerNote processing. These issues could lead to information disclosure, crashes, and denial of service. The update fixes CVE-2026-40385, CVE-2026-40386, and CVE-2026-32775. No CVSS score is provided, but the impact includes medium severity issues such as crashes and information leaks.

Join the discussion
Security update for the Linux KernelCVE-2025-68324
0

A security update for the SUSE Linux Enterprise 11 SP4 kernel addresses multiple vulnerabilities, including use-after-free bugs, race conditions, and improper handling of network protocols. The update fixes 10 distinct CVEs affecting components such as SCSI, TCP, bonding, ALSA, KVM, networking, and Bluetooth subsystems. These vulnerabilities could lead to memory corruption or unexpected behavior in kernel modules.

Join the discussion
MAL-2026-10119: Malicious code in sankislayer (PyPI)
0

The sankislayer package on PyPI version 1.0.0 contains obfuscated malicious code that implements a Telegram bot designed to join and participate in a spamming botnet. This botnet is centrally controlled and can spam Telegram channels by repeatedly posting messages, changing photos, or altering titles. The package is classified as malicious with clear intent to abuse third-party APIs for spamming purposes.

Join the discussion
MAL-2026-10118: Malicious code in execfences (npm)
0

The npm package 'execfences' contains malicious code that compromises any computer on which it is installed or running. This compromise potentially grants full control to an outside entity, risking exposure of all secrets and keys stored on the affected system. Removal of the package alone may not eliminate all malicious software introduced by its installation.

Join the discussion
GHSA-676x-f7gg-47vc: Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME RecordsCVE-2026-45674
0

Netty's DNS resolver component (DnsResolveContext) fails to validate the origin (bailiwick) of CNAME records in DNS responses, leading to potential DNS cache poisoning via bailiwick bypass. This vulnerability affects applications using Netty's DNS resolver. The issue arises because the resolver blindly caches all CNAME records from DNS answers without verifying that the data originates from an authoritative source for the queried domain or its parent domains, violating recommended DNS security practices. This can allow attackers to poison DNS caches, potentially causing clients to resolve to malicious IP addresses.

Join the discussion

Showing 1 to 10 of 10468 results

Page 1 of 1047
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses