Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-15105: Deserialization in davenardella snap7CVE-2026-15105 0 CVE-2026-15105 is a medium severity vulnerability in davenardella snap7 versions 1.4.0 through 1.4.3. It involves a deserialization flaw in the TS7Worker::PerformFunctionRead function within the ReadVar Request Handler component. Exploitation requires local network access. Although an exploit has been published, the vendor has not yet responded or provided a fix. Join the discussion | CVE Database V5 | 07/08/2026, 22:15:12 UTC Added: 07/09/2026, 04:14:02 UTC |
3 Things I wish I knew before jumping into Incident Response 0 This content is an article discussing personal insights and challenges related to working in cybersecurity incident response (IR). It highlights the high stress levels, the non-technical aspects such as organizational politics and communication, and the critical nature of IR roles in protecting organizations. The article does not describe a specific security vulnerability, exploit, or breach event. Join the discussion | Reddit Cybersecurity | 07/09/2026, 02:29:39 UTC Added: 07/09/2026, 03:13:11 UTC |
ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th) 0 The provided information references an ISC Stormcast podcast episode dated July 9th, 2026, from the SANS Internet Storm Center. No specific vulnerability details, technical information, or affected software versions are provided in the source content. The entry does not describe a concrete security threat or vulnerability. MediumVulnerability Join the discussion | SANS ISC Handlers Diary | 07/09/2026, 02:00:02 UTC Added: 07/09/2026, 02:15:14 UTC |
_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th) 0 A scanning and brute-force botnet, self-identified as a 'performance piece' originating from Belarus, sends HTTP requests containing a plea for help in the URL path. It scans random IP addresses for open HTTP (ports 80, 8000, 8080) and SSH (ports 22, 2222) ports, performing simple reconnaissance and attempting SSH brute force with a small fixed list of default credentials. The bot claims no persistence, no command-and-control, and self-terminates after about six months. Despite the stated intent, the bot poses a security risk to hosts with weak or default SSH credentials. MediumVulnerability Join the discussion | SANS ISC Handlers Diary | 07/09/2026, 01:20:02 UTC Added: 07/09/2026, 01:28:21 UTC |
CVE-2026-15138: Path Traversal in tumf mcp-text-editorCVE-2026-15138 0 CVE-2026-15138 is a medium severity path traversal vulnerability in the tumf mcp-text-editor affecting versions 1.0.0, 1.0.1, and 1.0.2. The issue exists in the _validate_file_path function of the mcp_text_editor/text_editor.py file, allowing remote attackers to manipulate file_path arguments to perform path traversal. The vulnerability has been publicly disclosed, but no official patch or remediation has been provided by the vendor, who closed the related GitHub issue without explanation. Join the discussion | CVE Database V5 | 07/09/2026, 00:15:08 UTC Added: 07/09/2026, 01:14:23 UTC |
CVE-2026-25262 Write-What-Where in Qualcomm Sahara confirmed on Snapdragon 8 Gen 1 (SM8450) – partial Firehose auth bypassCVE-2026-25262 0 CVE-2026-25262 is a write-what-where vulnerability in the Qualcomm Sahara protocol confirmed experimentally on the Snapdragon 8 Gen 1 (SM8450) platform. The vulnerability allows arbitrary writes to SRAM during the Sahara handshake, bypassing signature verification and partially bypassing Firehose loader authorization. While the loader executes and responds to commands without authorization errors, full UFS storage access has not yet been achieved. The vulnerability was previously known to affect only legacy 32-bit Qualcomm platforms, but this research extends its applicability to modern 64-bit ARMv9 SoCs. Further investigation is ongoing to achieve full Firehose initialization and understand TrustZone dependencies. No official patch or remediation guidance is currently available. Join the discussion | Reddit Cybersecurity | 07/08/2026, 13:33:30 UTC Added: 07/09/2026, 01:13:10 UTC |
PSA: PAN-OS authenticated command injection in the CLI (CVE-2026-0286) - patches out for 12.1, 11.2, 11.1, 10.2CVE-2026-0286 0 CVE-2026-0286 is an authenticated command injection vulnerability in the PAN-OS CLI. An attacker with administrative CLI access can execute arbitrary commands on the underlying system by escaping the CLI environment. The issue affects PAN-OS versions prior to 12.1.8, 11.2.13, 11.1.16, and 10.2.18-h8. Cloud NGFW services are not affected. Palo Alto Networks has released patches for these versions. A temporary mitigation is available via Threat Prevention subscription with Threat ID 510036, but it requires inbound management traffic decryption and is not a full fix. Patching is the recommended remediation. Join the discussion | Reddit Cybersecurity | 07/08/2026, 18:03:04 UTC Added: 07/09/2026, 01:13:10 UTC |
CVE-2026-15137: SQL Injection in code-projects Interview Management SystemCVE-2026-15137 0 CVE-2026-15137 is a SQL injection vulnerability in code-projects Interview Management System version 1.0. The vulnerability exists in the file \inc\classes\View.php due to improper handling of the argument ID, allowing remote attackers to manipulate SQL queries. The exploit code has been publicly disclosed. The vulnerability has a medium severity rating with a CVSS score of 6.9. Join the discussion | CVE Database V5 | 07/09/2026, 00:00:11 UTC Added: 07/09/2026, 00:13:54 UTC |
ThreatFox MISP Feed | 07/08/2026, 00:00:00 UTC Added: 07/09/2026, 00:13:07 UTC | |
CVE-2026-15134: SQL Injection in CodeAstro Simple Online Leave Management SystemCVE-2026-15134 0 CodeAstro Simple Online Leave Management System version 1.0 contains a SQL injection vulnerability in the /SimpleOnlineLeave/index.php file. The vulnerability arises from improper handling of the 'email' argument, allowing remote attackers to manipulate SQL queries. This issue has been publicly disclosed and carries a medium severity rating with a CVSS score of 6.9. Join the discussion | CVE Database V5 | 07/08/2026, 23:00:10 UTC Added: 07/08/2026, 23:29:31 UTC |
Showing 1 to 10 of 10506 results