Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-15627: Information Disclosure in nextlevelbuilder GoClawCVE-2026-15627
0

CVE-2026-15627 is an information disclosure vulnerability in nextlevelbuilder GoClaw affecting versions 3.13.3-beta.0 through 3.13.3-beta.3. The issue exists in the handleNavigate function within pkg/browser/tool.go, where manipulation of the argument args.targetUrl can lead to unintended information exposure. The vulnerability can be exploited remotely without user interaction or privileges. The CVSS 4.0 base score is 5.3, indicating a medium severity level. No official patch or remediation guidance is currently available from the vendor. Exploit code is publicly available, but no known exploits in the wild have been reported.

Join the discussion
CVE-2026-15626: Path Traversal in nextlevelbuilder GoClawCVE-2026-15626
0

CVE-2026-15626 is a path traversal vulnerability in nextlevelbuilder GoClaw version 3.13.3-beta.3. It affects the writeFile function in the internal/providers/acp/tool_bridge.go file, specifically within the ACP ToolBridge Workspace Handler component. This vulnerability allows remote attackers to manipulate file paths, potentially accessing or modifying files outside the intended directory. The vulnerability has a medium severity rating with a CVSS score of 5.3. There is no official patch or remediation guidance available at this time, and no known exploits are reported in the wild.

Join the discussion
CVE-2026-15625: Incomplete Blacklist in nextlevelbuilder GoClawCVE-2026-15625
0

CVE-2026-15625 is a medium severity vulnerability in nextlevelbuilder GoClaw version 3.11.3. It affects the ExecApprovalManager.CheckCommand function, causing an incomplete blacklist that can be exploited remotely. The vulnerability allows attackers to bypass intended command restrictions. Exploit details have been made public, but no official patch or remediation guidance is currently available.

Join the discussion
CVE-2026-15624: Server-Side Request Forgery in nextlevelbuilder GoClawCVE-2026-15624
0

A server-side request forgery (SSRF) vulnerability exists in nextlevelbuilder GoClaw version 3.13.3-beta.3. The issue is in the bytePlusDownloadVideo function within internal/tools/create_video_byteplus.go, where manipulation of the output.video_url argument can lead to SSRF. Remote exploitation is possible. The vulnerability has been publicly disclosed but no official patch or remediation has been confirmed yet.

Join the discussion
CVE-2026-14716: Incorrect Authorization in nextlevelbuilder GoClawCVE-2026-14716
0

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report.

Join the discussion

Showing 1 to 5 of 5 results

Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses