Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-48315: Improper Input Validation (CWE-20) in Adobe ColdFusionCVE-2026-48315 0 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. Join the discussion | CVE Database V5 | 06/30/2026, 15:12:03 UTC Added: 06/30/2026, 15:51:48 UTC |
CVE-2026-48314: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) in Adobe ColdFusionCVE-2026-48314 0 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited read and write access to unauthorized files or directories outside the intended restrictions. Exploitation of this issue does not require user interaction. Join the discussion | CVE Database V5 | 06/30/2026, 15:11:58 UTC Added: 06/30/2026, 15:51:48 UTC |
CVE-2026-48313: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) in Adobe ColdFusionCVE-2026-48313 0 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read and limited write access. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction. Scope is changed. Join the discussion | CVE Database V5 | 06/30/2026, 15:12:00 UTC Added: 06/30/2026, 15:51:48 UTC |
CVE-2026-48307: Cross-site Scripting (Reflected XSS) (CWE-79) in Adobe ColdFusionCVE-2026-48307 0 ColdFusion versions 2025.9, 2023.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious link. Scope is changed. Join the discussion | CVE Database V5 | 06/30/2026, 15:11:59 UTC Added: 06/30/2026, 15:51:47 UTC |
CVE-2026-48283: Unrestricted Upload of File with Dangerous Type (CWE-434) in Adobe ColdFusionCVE-2026-48283 0 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed. Join the discussion | CVE Database V5 | 06/30/2026, 15:11:56 UTC Added: 06/30/2026, 15:51:47 UTC |
CVE-2026-47960: Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) in Adobe ColdFusionCVE-2026-47960 0 Adobe ColdFusion versions 2023.0.0 through 2023.19 and 2025.0.0 through 2025.8 are affected by an XML External Entity (XXE) vulnerability (CWE-611). This vulnerability allows an attacker to read arbitrary files on the system by exploiting improper restriction of XML external entity references. Exploitation requires user interaction, specifically that a victim opens a malicious file. The vulnerability impacts confidentiality but does not affect integrity or availability. Join the discussion | CVE Database V5 | 06/09/2026, 20:33:37 UTC Added: 06/09/2026, 21:10:50 UTC |
CVE-2026-47933: Cross-site Scripting (Stored XSS) (CWE-79) in Adobe ColdFusionCVE-2026-47933 0 Adobe ColdFusion versions 2023.0.0 through 2023.19 and 2025.0.0 through 2025.8 are affected by a stored Cross-Site Scripting (XSS) vulnerability. This flaw allows a low-privileged attacker to inject malicious scripts into vulnerable form fields, which execute in the browsers of users who visit the affected pages. The vulnerability changes the security scope and can lead to limited confidentiality and integrity impacts. No official patch or remediation guidance is currently provided by the vendor. Join the discussion | CVE Database V5 | 06/09/2026, 20:33:33 UTC Added: 06/09/2026, 21:10:47 UTC |
CVE-2026-47932: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) in Adobe ColdFusionCVE-2026-47932 0 ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories outside the intended restrictions. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. Join the discussion | CVE Database V5 | 06/09/2026, 20:33:38 UTC Added: 06/09/2026, 21:10:47 UTC |
CVE-2026-47929: Incorrect Authorization (CWE-863) in Adobe ColdFusionCVE-2026-47929 0 ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim's account or session. Exploitation of this issue does not require user interaction. Scope is changed. Join the discussion | CVE Database V5 | 06/09/2026, 20:33:38 UTC Added: 06/09/2026, 21:10:47 UTC |
Showing 1 to 9 of 9 results