Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

A vulnerability has been found in princezuda SafestClaw up to 4.2.4. (CVE-2026-16129)CVE-2026-16129
0

A vulnerability exists in princezuda SafestClaw up to version 4.2.4 in the ShellAction._validate_command function within the built-in web interface. The issue involves incomplete blacklist enforcement, potentially allowing local attackers to bypass restrictions. The vulnerability requires local access and no proof-of-concept demonstrating actual user impact has been provided. The project maintainer has indicated that while the vulnerability is theoretically valid, practical exploitation has not been demonstrated. No patch or fix information is currently available.

Join the discussion
CVE-2026-16129: Incomplete Blacklist in princezuda SafestClawCVE-2026-16129
0

A vulnerability has been found in princezuda SafestClaw up to 4.2.4. This vulnerability affects the function ShellAction._validate_command of the file src/safestclaw/actions/shell.py of the component Built-in Web Interface. Such manipulation leads to incomplete blacklist. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The presence of this vulnerability remains uncertain at this time. The project maintainer explains: "On paper you're correct, this is a vulnerability. In practice, nothing your AI generated shows how it makes users vulnerable. It's open source. Someone can mod the shell allow list or remove that system. Present an actual poc that shows a threat to users."

Join the discussion

Showing 1 to 2 of 2 results

Filters:Package: pkg:github/princezuda/safestclaw
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses