Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-49091: CWE-116 Improper Encoding or Escaping of Output in Elastic KibanaCVE-2026-49091 0 Improper Output Neutralization for Logs (CWE-117) in Kibana can lead to log injection via Log Injection-Tampering-Forging (CAPEC-93). An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal that interprets control sequences, the injected content may alter the displayed log data. Join the discussion | CVE Database V5 | 07/01/2026, 17:21:28 UTC Added: 07/01/2026, 17:52:19 UTC |
CVE-2026-56151: CWE-20 Improper Input Validation in Elastic KibanaCVE-2026-56151 0 Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality unavailable. Join the discussion | CVE Database V5 | 07/01/2026, 16:29:25 UTC Added: 07/01/2026, 17:06:51 UTC |
CVE-2026-49088: CWE-532 Insertion of Sensitive Information into Log File in Elastic KibanaCVE-2026-49088 0 Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, sensitive request header values could be recorded in application logs, where they may be accessible to operators with log access. Join the discussion | CVE Database V5 | 07/01/2026, 16:59:24 UTC Added: 07/01/2026, 17:06:51 UTC |
CVE-2026-49087: CWE-770 Allocation of Resources Without Limits or Throttling in Elastic KibanaCVE-2026-49087 0 Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable. Join the discussion | CVE Database V5 | 07/01/2026, 16:35:19 UTC Added: 07/01/2026, 17:06:49 UTC |
Showing 1 to 4 of 4 results