Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-48493: CWE-863: Incorrect Authorization in grokability snipe-itCVE-2026-48493 0 Snipe-IT versions prior to 8.6.0 contain an authorization vulnerability allowing users with the users.edit permission to escalate privileges by granting themselves additional permissions except admin and superuser. This issue is fixed in version 8.6.0. Join the discussion | CVE Database V5 | 06/23/2026, 22:11:06 UTC Added: 06/23/2026, 22:24:13 UTC |
Snipe-IT: Mehrere SchwachstellenCVE-2026-48492 0 Multiple vulnerabilities have been identified in Snipe-IT, an open-source web-based asset management software used by organizations to track hardware and software. These vulnerabilities affect versions prior to 8.5.1. No CVSS score is available for these issues. There are no known exploits in the wild at this time. The vendor has not provided explicit patch or remediation information in the available data. Join the discussion | GCVE Database | 05/26/2026, 22:00:00 UTC Added: 06/09/2026, 10:23:15 UTC |
CVE-2026-48507: CWE-863: Incorrect Authorization in grokability snipe-itCVE-2026-48507 0 Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular `users.edit` permission to lock every admin out of the instance by editing the `activated` flag (which determines whether or not a user can login) and the `ldap_import` flag, which determines whether or not the user can request a password reset. Version 8.6.0 contains a patch. Join the discussion | CVE Database V5 | 06/08/2026, 15:41:01 UTC Added: 06/08/2026, 17:06:22 UTC |
CVE-2026-44833: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in grokability snipe-itCVE-2026-44833 0 Snipe-IT versions prior to 8.4.1 contain an open redirect vulnerability (CWE-601) that allows attackers to redirect users to malicious websites by exploiting an unvalidated HTTP Referer header stored in a session variable. This issue is resolved in version 8.4.1. The vulnerability has a medium severity with a CVSS score of 5.9. Join the discussion | CVE Database V5 | 05/26/2026, 19:30:48 UTC Added: 05/26/2026, 19:42:49 UTC |
CVE-2026-44832: CWE-281: Improper Preservation of Permissions in grokability snipe-itCVE-2026-44832 0 CVE-2026-44832 is a privilege escalation vulnerability in grokability's Snipe-IT IT asset/license management system versions prior to 8.4.1. An authenticated user with only the users.edit permission can escalate their privileges to admin by sending a specially crafted PATCH request to the user API endpoint. The API controller improperly preserves permissions by only stripping the superuser key but allowing the admin permission to be set, enabling unauthorized privilege escalation. This vulnerability is fixed in version 8.4.1. Join the discussion | CVE Database V5 | 05/26/2026, 19:29:31 UTC Added: 05/26/2026, 19:42:49 UTC |
CVE-2026-44831: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in grokability snipe-itCVE-2026-44831 0 CVE-2026-44831 is a medium severity cross-site scripting (XSS) vulnerability affecting Snipe-IT versions prior to 8.4.1. The issue arises from improper neutralization of input in the notes column visible to users with component view access, allowing injection of malicious scripts. This vulnerability has been fixed in version 8.4.1. The CVSS score is 4.8, reflecting a low attack complexity and limited privileges required, but requiring user interaction. No known exploits are reported in the wild. Join the discussion | CVE Database V5 | 05/26/2026, 19:27:16 UTC Added: 05/26/2026, 19:42:49 UTC |
Showing 1 to 6 of 6 results