Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-56694: Incorrect Authorization in nanocoai nanoclawCVE-2026-56694 0 NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged or stale connect callback values to wire messaging channels into out-of-scope agent groups, exposing unauthorized groups to unapproved channels and enabling unauthorized observation or control of restricted agent group activity. Join the discussion | CVE Database V5 | 06/23/2026, 15:35:41 UTC Added: 06/23/2026, 16:09:21 UTC |
CVE-2026-56693: Client-Side Enforcement of Server-Side Security in nanocoai nanoclawCVE-2026-56693 0 NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke create_agent to create arbitrary agent groups, container configurations, and destinations, escalating beyond their intended confinement boundary. Join the discussion | CVE Database V5 | 06/23/2026, 15:35:19 UTC Added: 06/23/2026, 16:09:21 UTC |
CVE-2026-56692: Improper Link Resolution Before File Access ('Link Following') in nanocoai nanoclawCVE-2026-56692 0 NanoClaw versions before 2.1.17 contain a symlink following vulnerability in the forwardAttachedFiles function. This flaw allows container-controlled agents to exfiltrate files readable by the host system. The vulnerability arises because the host only validates attachment filenames with isSafeAttachmentName before copying files using fs.copyFileSync, which follows symlinks without containment checks. This can lead to disclosure of arbitrary host files. Join the discussion | CVE Database V5 | 06/23/2026, 15:34:56 UTC Added: 06/23/2026, 16:09:21 UTC |
CVE-2026-56402: Missing Authorization in nanocoai nanoclawCVE-2026-56402 0 NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the handleApprovalsResponse function that fails to verify responder role authorization. Attackers with a valid questionId can approve or reject privileged actions like package installation by submitting approval response payloads without proper role validation. Join the discussion | CVE Database V5 | 06/23/2026, 15:34:05 UTC Added: 06/23/2026, 16:09:21 UTC |
Showing 1 to 4 of 4 results