Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-50631: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Software Foundation Apache CXFCVE-2026-50631 0 A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by multiple attackers or threads. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:59:40 UTC Added: 06/12/2026, 09:54:39 UTC |
CVE-2026-50630: CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') in Apache Software Foundation Apache CXFCVE-2026-50630 0 A CRLF injection vulnerability exists in the OAuth2 AuthorizationUtils class. When constructing the WWW-Authenticate response header, the 'realm' parameter is concatenated without sanitizing Carriage Return (CR) and Line Feed (LF) characters. If an attacker can control the realm value, they can inject arbitrary HTTP headers or split the HTTP response entirely. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:58:27 UTC Added: 06/12/2026, 09:54:39 UTC |
CVE-2026-50629: CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') in Apache Software Foundation Apache CXFCVE-2026-50629 0 The 'clientId' parameter from incoming HTTP requests is directly concatenated into OAuth2 server log warning messages without sanitizing control characters. This allows an attacker to inject arbitrary content, including fake log entries, into the server's log files. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:57:22 UTC Added: 06/12/2026, 09:54:35 UTC |
CVE-2026-50628: CWE-20 Improper Input Validation in Apache Software Foundation Apache CXFCVE-2026-50628 0 A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this security feature inadvertently creates an inverse security check. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:56:28 UTC Added: 06/12/2026, 09:54:35 UTC |
CVE-2026-50627: CWE-289 Authentication Bypass by Alternate Name in Apache Software Foundation Apache CXFCVE-2026-50627 0 The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:55:41 UTC Added: 06/12/2026, 09:54:35 UTC |
CVE-2026-50623: CWE-287 Improper Authentication in Apache Software Foundation Apache CXFCVE-2026-50623 0 An authentication bypass vulnerability exists in the OAuth2 TokenIntrospectionService in Apache CXF. Due to a missing 'throw' keyword in the security context check, the introspection endpoint (/services/oauth2/introspect) can be accessed by any unauthenticated network attacker. However note that this is a safeguard only in the case that someone forgot to enable authentication on the service. Users are recommended to upgrade to version 4.2.2 or 4.1.7, which fixes this issue. Join the discussion | CVE Database V5 | 06/12/2026, 08:52:05 UTC Added: 06/12/2026, 09:54:35 UTC |
Showing 1 to 6 of 6 results