Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-47089: CWE-862 Missing Authorization in cyrusimap Cyrus IMAPCVE-2026-47089 0 An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. LISTRIGHTS os not limited to users with admin access. An authenticated user could call IMAP LISTRIGHTS against any mailbox they could name and learn what principals had what access to it. (This action should have been restricted to users with admin access on the target mailbox.) Join the discussion | CVE Database V5 | 07/16/2026, 00:00:00 UTC Added: 07/16/2026, 18:48:09 UTC |
CVE-2026-47086: CWE-863 Incorrect Authorization in cyrusimap Cyrus IMAPCVE-2026-47086 0 An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. GENURLAUTH-issued tokens can bypass ACLs. Any authenticated user could mint a URLAUTH token (via the GENURLAUTH command) for any mailbox they could name, even without read access on it. This would allow reading mail from mailboxes despite having no granted permissions. Join the discussion | CVE Database V5 | 07/16/2026, 00:00:00 UTC Added: 07/16/2026, 18:48:09 UTC |
CVE-2026-47084: CWE-863 Incorrect Authorization in cyrusimap Cyrus IMAPCVE-2026-47084 0 An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. The LOCALDELETE command bypassed ACL checks. An authenticated but non-admin user could invoke the admin-only LOCALDELETE IMAP command and delete mailboxes for which they had no permissions. Join the discussion | CVE Database V5 | 07/16/2026, 00:00:00 UTC Added: 07/16/2026, 18:48:09 UTC |
CVE-2026-47083: CWE-204 Observable Response Discrepancy in cyrusimap Cyrus IMAPCVE-2026-47083 0 An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an ESEARCH cross-user content oracle. By using the ESEARCH command, an authenticated IMAP user could enumerate folder names under any account they could name. Search would return UIDs of messages matching the search, creating a content oracle (without allowing arbitrary reads of the target's content). Join the discussion | CVE Database V5 | 07/16/2026, 00:00:00 UTC Added: 07/16/2026, 18:48:09 UTC |
Showing 1 to 4 of 4 results