Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2025-56365: n/aCVE-2025-56365 0 CVE-2025-56365 is a reachable assertion vulnerability in the Matter SDK (connectedhomeip) versions before 1.4.0. The vulnerability occurs in the interaction model command processing logic when an InvokeCommandRequest targets a nonexistent endpoint and cluster. Due to missing validation checks, the code incorrectly treats the endpoint as valid, causing a VerifyOrDie assertion failure and crashing the process with SIGABRT. This issue has been acknowledged and fixed in a later revision. Join the discussion | CVE Database V5 | 07/14/2026, 00:00:00 UTC Added: 07/14/2026, 22:33:11 UTC |
CVE-2025-56364: n/aCVE-2025-56364 0 CVE-2025-56364 is a vulnerability in the Matter SDK (connectedhomeip) before version 1.4.0. It involves the use of an uninitialized value when the GetDestinationGroupId().Value() method is called without verifying if a value exists. This causes a crash (denial of service) when an InvokeCommand is sent without initializing the destination group ID. The issue is fixed by adding a .HasValue() check before accessing the value. Join the discussion | CVE Database V5 | 07/14/2026, 00:00:00 UTC Added: 07/14/2026, 22:33:11 UTC |
CVE-2025-56363: n/aCVE-2025-56363 0 A null pointer dereference vulnerability exists in the Matter SDK (connectedhomeip) before version 1.4.0 in the ReadRevisionAttribute function used by multiple clusters. The function does not properly validate a delegate pointer before dereferencing it. A remote unauthenticated attacker can exploit this by sending a crafted read request, causing the device to crash and resulting in denial of service. This issue is confirmed in SDK version 1.4.0. Join the discussion | CVE Database V5 | 07/14/2026, 00:00:00 UTC Added: 07/14/2026, 22:33:11 UTC |
CVE-2025-56362: n/aCVE-2025-56362 0 CVE-2025-56362 is a reachable assertion vulnerability in the Matter SDK (connectedhomeip) before version 1.4.2. It occurs in the Level Control cluster's periodic server tick logic when a MoveToLevel command is immediately followed by writing OperationMode=2 in the Pump Configuration and Control cluster. This sequence causes an assertion failure that crashes the server, resulting in a denial of service. The vulnerability can be exploited remotely without authentication. Affected versions include all releases prior to 1.4.2. Join the discussion | CVE Database V5 | 07/14/2026, 00:00:00 UTC Added: 07/14/2026, 22:33:11 UTC |
CVE-2025-56361: n/aCVE-2025-56361 0 A reachable assertion vulnerability exists in the Matter SDK (connectedhomeip) 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic (`emberAfLevelControlClusterServerTickCallback`). When a MoveToLevel command is executed and followed by a conflicting write to the OperationMode attribute (in the Pump Configuration and Control cluster), an invariant check (`minLevel < currentLevel`) fails and causes the device to abort. This leads to a denial of service condition. The issue is confirmed in SDK versions 1.3 and 1.4 (commit ab3d5ae), and is triggered remotely without authentication. Join the discussion | CVE Database V5 | 07/14/2026, 00:00:00 UTC Added: 07/14/2026, 21:48:16 UTC |
Showing 1 to 5 of 5 results