Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-42936: Uncontrolled Search Path Element in SBI SECURITIES Co.,Ltd. HYPER SBI 2CVE-2026-42936
0

CVE-2026-42936 is a vulnerability in the installer of SBI SECURITIES Co.,Ltd. HYPER SBI 2 where it insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL is placed in the same directory as the installer, it may lead to arbitrary code execution with the privileges of the user running the installer. This vulnerability has a high severity score of 7.8 and requires user interaction to be exploited.

Join the discussion
Looking for comments on what happened with this Ring Camera footage
0

A Reddit user shared a post discussing suspicious Ring camera footage showing a car theft where the thief appears to use a device that disrupts or fools the camera. The video shows the footage cutting out at a critical moment, suggesting possible interference. The original post and discussion do not confirm the nature of the device or the exact technical cause of the footage disruption.

Join the discussion
CVE-2026-8920: CWE-923: Improper Restriction of Communication Channel to Intended Endpoints in ASUS Aura Wallpaper ServiceCVE-2026-8920
0

CVE-2026-8920 is a high-severity vulnerability in the ASUS Aura Wallpaper Service version 2.1.8.0. It involves improper restriction of communication channels and external control of file paths, allowing a local user to perform unauthorized file operations by sending crafted commands with arbitrary file paths. On certain ASUS models, this vulnerability can also disable a specific feature of the service.

Join the discussion
CVE-2026-8919: CWE-942: Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDKCVE-2026-8919
0

CVE-2026-8919 is a high-severity vulnerability in ASUS GameSDK involving a permissive cross-domain security policy that allows untrusted domains. A remote attacker can trick a local user into visiting a crafted web page that sends a request with a UNC path to the local service endpoint of GameSDK. This can lead to disclosure of the user's NTLM hash, potential data tampering, denial of service of GameSDK, and unauthorized access to the victim's information on other services.

Join the discussion
CVE-2026-15030: CWE-125: Out-of-bounds Read in ASUS System Control Interface v3CVE-2026-15030
0

CVE-2026-15030 is an out-of-bounds read vulnerability in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. It allows a local administrator to read memory beyond intended firmware boundaries by sending a crafted IOCTL request that bypasses validation. The vulnerability has a CVSS 4.0 base score of 5.6, indicating medium severity. No patch or official remediation guidance has been provided yet. There are no known exploits in the wild at this time.

Join the discussion
CVE-2026-15029: CWE-822: Untrusted Pointer Dereference in ASUS System Control Interface v3CVE-2026-15029
0

CVE-2026-15029 is a high-severity vulnerability in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. It involves untrusted pointer dereference allowing a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver. This bypasses operating system memory protections. No specific affected versions or patch information are provided in the available data.

Join the discussion
CVE-2026-13585: CWE-770: Allocation of Resources Without Limits or Throttling in ASUS System Control Interface v3CVE-2026-13585
0

CVE-2026-13585 is a high-severity vulnerability in ASUS System Control Interface v3 and ASUS Business Manager. It involves allocation of resources without limits or throttling and failure to remove sensitive information before reuse. A local administrator can exploit this via crafted IOCTL requests to disclose sensitive information and potentially cause a Denial of Service (DoS) on the system.

Join the discussion
CVE-2026-13385: CWE-354: Improper Validation of Integrity Check Value (4.20) in ASUS RouterCVE-2026-13385
0

CVE-2026-13385 is a critical vulnerability in certain ASUS router models involving improper validation of integrity check values and certificates. This flaw allows a remote attacker performing a man-in-the-middle (MITM) attack to trick the router into downloading and executing arbitrary commands from a spoofed server. The vulnerability has a high CVSS 4.0 score of 9.5, indicating severe impact. No specific affected versions or patches have been disclosed yet, and no known exploits are reported in the wild. Users should monitor official ASUS advisories for updates and apply security updates once available.

Join the discussion
CVE-2026-11851: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in ASUS RouterCVE-2026-11851
0

CVE-2026-11851 is an SQL Injection vulnerability in the web management interface of certain ASUS router models. It allows a remote authenticated user to bypass input validation and disclose confidential information. The vulnerability is classified as CWE-89 and has a medium severity with a CVSS score of 5.9. No specific affected versions or patches have been provided yet. The vulnerability requires high privileges and high attack complexity, with no user interaction needed.

Join the discussion
ISC Stormcast For Wednesday, July 15th, 2026 https://isc.sans.edu/podcastdetail/10008, (Wed, Jul 15th)
0

This entry references the ISC Stormcast podcast episode dated July 15th, 2026, from the SANS Internet Storm Center. No specific vulnerability details, technical information, or threat indicators are provided in the source content. The threat level is indicated as green, suggesting a low or no immediate threat. No affected software versions or exploits in the wild are identified.

MediumVulnerability
Join the discussion

Showing 1 to 10 of 12019 results

Page 1 of 1202
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses