Skip to main content
Threat Radar animated logo
DashboardThreatsMapFeedsPricingView Plans & Pricing
reconnecting
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-6428: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Koha Community KohaCVE-2026-6428
0

CVE-2026-6428 is a medium severity SQL Injection vulnerability in Koha Community Koha affecting multiple versions prior to specific fixed releases. It allows an authenticated staff user with Reports module access to read arbitrary database data via the Filter URL parameter when the Criteria parameter is 'branchcode'. The vulnerability arises from unsafe concatenation of user input into an SQL LIKE clause without parameterization. It was introduced in 2008 and fixed in Koha versions 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by using parameterized queries.

MediumVulnerability#cve#cve-2026-6428#cwe-89
Join the discussion
CVE-2026-26379: n/aCVE-2026-26379
0

Koha versions up to 25.11 contain a Server-Side Request Forgery (SSRF) vulnerability via the Z39.50/SRU server configuration. This allows authenticated attackers to perform internal network scanning and identify running services by analyzing server response times.

MediumVulnerability#cve#cve-2026-26379
Join the discussion
CVE-2026-26378: n/aCVE-2026-26378
0

Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features

MediumVulnerability#cve#cve-2026-26378
Join the discussion

Showing 1 to 3 of 3 results

Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses