Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-12568: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Black Lantern Security BBOTCVE-2026-12568 0 CVE-2026-12568 is a path traversal vulnerability in Black Lantern Security BBOT version 2.1.0. The postman_download module constructs local directory paths using the workspace name from the Postman API without sanitization. This allows an attacker to craft a malicious workspace name containing path traversal characters, enabling arbitrary file writes outside the intended directory. The vulnerability has a CVSS score of 6.5, indicating medium severity. No official patch or remediation is currently confirmed. Join the discussion | CVE Database V5 | 06/17/2026, 21:53:47 UTC Added: 06/17/2026, 22:35:05 UTC |
CVE-2026-12567: CWE-59 Improper Link Resolution Before File Access ('Link Following') in Black Lantern Security BBOTCVE-2026-12567 0 CVE-2026-12567 is a low-severity vulnerability in Black Lantern Security's BBOT version 2.0.0. The github_workflows module improperly handles user-controlled repository names when constructing local directory paths, failing to validate symbolic links. This allows a local attacker with access to the scan directory to plant a symlink at a predictable output path, causing workflow data to be written to an attacker-chosen location. Join the discussion | CVE Database V5 | 06/17/2026, 21:51:35 UTC Added: 06/17/2026, 22:35:05 UTC |
CVE-2026-12566: CWE-918 Server-Side Request Forgery (SSRF) in Black Lantern Security BBOTCVE-2026-12566 0 CVE-2026-12566 is a server-side request forgery (SSRF) vulnerability in Black Lantern Security's BBOT version 2.0.0. The docker_pull module improperly trusts the realm parameter from a Docker registry's WWW-Authenticate header without validation. An attacker positioned as a man-in-the-middle could manipulate this header to redirect authentication requests to a malicious endpoint, potentially exposing authentication tokens. The vulnerability has a low severity score of 3.1 and no known exploits in the wild. No official patch or remediation guidance is currently available. Join the discussion | CVE Database V5 | 06/17/2026, 21:48:57 UTC Added: 06/17/2026, 22:35:05 UTC |
CVE-2026-12565: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Black Lantern Security BBOTCVE-2026-12565 0 CVE-2026-12565 is a path traversal vulnerability in Black Lantern Security's BBOT version 2.3.1. The issue arises because the unarchive module relies on external tools like GNU tar for archive extraction without validating file paths, allowing crafted archives to write files outside the intended directory on systems using vulnerable GNU tar versions. This vulnerability can lead to integrity impact by unauthorized file modification. The CVSS score is 5.3 (medium severity). No official patch or remediation is currently documented. Join the discussion | CVE Database V5 | 06/17/2026, 21:45:48 UTC Added: 06/17/2026, 22:35:05 UTC |
Showing 1 to 4 of 4 results