Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-8247: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in WatchGuard Fireware OSCVE-2026-8247 0 CVE-2026-8247 is a high-severity buffer overflow vulnerability in WatchGuard Fireware OS that allows an unauthenticated attacker on the same local network segment to execute arbitrary code. It affects multiple versions including 11.0 through 11.12.4_Update1, 12.0 through 12.12, and 2025.1 through 2026.2. The vulnerability arises from improper bounds checking during buffer copy operations. No official patch or remediation guidance is currently available from the vendor. Join the discussion | CVE Database V5 | 07/02/2026, 23:07:16 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13728: CWE-798 Use of Hard-coded Credentials in WatchGuard Fireware OSCVE-2026-13728 0 WatchGuard Fireware OS versions 12.1 through 12.12 and 2025.1 through 2026.2, when deployed in a FireCluster with the Access Portal feature enabled, may use a hard-coded encryption key to encrypt saved credentials. This vulnerability does not affect standalone Fireboxes or devices without Access Portal support. The issue relates to the use of hard-coded credentials, which can weaken encryption security. Join the discussion | CVE Database V5 | 07/02/2026, 23:07:01 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13722: CWE-347 Improper Verification of Cryptographic Signature in WatchGuard Fireware OSCVE-2026-13722 0 CVE-2026-13722 is a high-severity vulnerability in WatchGuard Fireware OS that allows an authenticated administrator to bypass firmware validation when processing backup images via the backup/restore feature. This flaw enables installation of tampered firmware images. The vulnerability affects Fireware OS versions 11.0 through 11.12.4_Update1, 12.0 through 12.12, and 2025.1 through 2025.6.2. No official patch or remediation guidance has been published yet. Join the discussion | CVE Database V5 | 07/02/2026, 23:06:12 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13384: CWE-787 Out-of-bounds Write in WatchGuard Fireware OSCVE-2026-13384 0 CVE-2026-13384 is an out-of-bounds write vulnerability in the WatchGuard Fireware OS wgagent process. It affects versions 12.1 through 12.12 and 2025.1 through 2026.2. An authenticated privileged user can exploit this flaw via specially crafted requests to the Management Web UI to execute arbitrary code. The vulnerability has a high severity with a CVSS 4.0 base score of 8.6. No official patch or remediation guidance is currently provided by the vendor. Join the discussion | CVE Database V5 | 07/02/2026, 23:05:59 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13383: CWE-787 Out-of-bounds Write in WatchGuard Fireware OSCVE-2026-13383 0 CVE-2026-13383 is an out-of-bounds write vulnerability in the ikestubd process of WatchGuard Fireware OS. It affects versions 12.1 through 12.12 and 2025.1 through 2026.2. An authenticated privileged user can exploit this flaw via specially crafted requests to the Management Web UI to execute arbitrary code. The vulnerability has a high severity with a CVSS score of 8.6. No official patch or remediation guidance has been provided yet by the vendor. Join the discussion | CVE Database V5 | 07/02/2026, 23:05:53 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13377: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in WatchGuard Fireware OSCVE-2026-13377 0 CVE-2026-13377 is a stored cross-site scripting (XSS) vulnerability in the SIP Proxy module of WatchGuard Fireware OS. It affects specific versions including 12.0, 12.5, and 2025.1. The vulnerability allows improper neutralization of input during web page generation, creating an additional attack path related to CVE-2025-6947. The CVSS score is 4.8, indicating medium severity. Join the discussion | CVE Database V5 | 07/02/2026, 23:05:32 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13376: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in WatchGuard Fireware OSCVE-2026-13376 0 CVE-2026-13376 is a stored Cross-site Scripting (XSS) vulnerability in the spamBlocker module of WatchGuard Fireware OS. It affects versions 12.0, 12.5 through 12.5.18, and 2025.1 through 2026.2. This vulnerability represents an additional unmitigated attack path related to CVE-2025-1071. The CVSS 4.8 score indicates a medium severity level. Join the discussion | CVE Database V5 | 07/02/2026, 23:05:26 UTC Added: 07/02/2026, 23:21:37 UTC |
CVE-2026-13373: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in WatchGuard Fireware OSCVE-2026-13373 0 CVE-2026-13373 is a stored cross-site scripting (XSS) vulnerability in WatchGuard Fireware OS affecting certain versions of the Tigerpaw Technology Integration module. It allows improper neutralization of input during web page generation, enabling an additional attack path related to a previous vulnerability (CVE-2025-13936). The affected versions include 12.4, 12.5, and 2025.1. The vulnerability has a medium severity rating with a CVSS score of 4.8. Join the discussion | CVE Database V5 | 07/02/2026, 23:05:00 UTC Added: 07/02/2026, 23:21:35 UTC |
CVE-2026-13371: CWE-502 Deserialization of Untrusted Data in WatchGuard Fireware OSCVE-2026-13371 0 CVE-2026-13371 is a medium severity vulnerability in WatchGuard Fireware OS that allows an authenticated administrator to cause a denial-of-service (DoS) condition. The issue arises from unsafe deserialization of attacker-supplied input sent to the put_data endpoint in the Fireware Management Web UI. This vulnerability affects specific versions of Fireware OS and does not require user interaction beyond authentication. Join the discussion | CVE Database V5 | 07/02/2026, 23:04:42 UTC Added: 07/02/2026, 23:21:35 UTC |
CVE-2026-13368: CWE-416 Use After Free in WatchGuard Fireware OSCVE-2026-13368 0 A use-after-free vulnerability exists in WatchGuard Fireware OS due to a race condition in LDAP authentication for Mobile User VPN with IKEv2. This flaw allows a remote unauthenticated attacker to execute arbitrary code in the context of the iked process on affected Fireboxes configured with external LDAP authentication. The vulnerability affects multiple versions of Fireware OS including 11.0 through 11.12.4_Update1, 12.0 through 12.12, and 2025.1 through 2026.2. The CVSS 4.0 score is 9.2, indicating critical severity. Join the discussion | CVE Database V5 | 07/02/2026, 23:06:32 UTC Added: 07/02/2026, 23:21:35 UTC |
Showing 1 to 10 of 14 results