Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-42004: Misinterpretation of Input in PowerDNS DNSdistCVE-2026-42004 0 An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter. Join the discussion | CVE Database V5 | 06/25/2026, 12:24:20 UTC Added: 06/25/2026, 13:16:11 UTC |
CVE-2026-40211: Allocation of Resources Without Limits or Throttling in PowerDNS DNSdistCVE-2026-40211 0 An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service. Join the discussion | CVE Database V5 | 06/25/2026, 12:23:55 UTC Added: 06/25/2026, 13:16:11 UTC |
CVE-2026-40210: Buffer Over-read in PowerDNS DNSdistCVE-2026-40210 0 An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash. Join the discussion | CVE Database V5 | 06/25/2026, 12:23:31 UTC Added: 06/25/2026, 13:16:11 UTC |
CVE-2026-40209: Missing Release of Resource after Effective Lifetime in PowerDNS DNSdistCVE-2026-40209 0 An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors. Join the discussion | CVE Database V5 | 06/25/2026, 12:23:05 UTC Added: 06/25/2026, 13:16:11 UTC |
CVE-2026-40208: Incorrect Control Flow Scoping in PowerDNS DNSdistCVE-2026-40208 0 An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame. Join the discussion | CVE Database V5 | 06/25/2026, 12:22:42 UTC Added: 06/25/2026, 13:16:11 UTC |
CVE-2026-40011: Improper Encoding or Escaping of Output in PowerDNS DNSdistCVE-2026-40011 0 An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires. Join the discussion | CVE Database V5 | 06/25/2026, 12:22:19 UTC Added: 06/25/2026, 13:16:11 UTC |
Showing 1 to 6 of 6 results