Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threat Intelligence
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-59875: CWE-248: Uncaught Exception in isaacs node-tarCVE-2026-59875 0 node-tar versions prior to 7.5.17 do not strip NUL bytes from PAX path and linkpath records, which can cause a crafted archive to trigger an uncaught exception and terminate the process. This issue is resolved in version 7.5.17. Join the discussion | CVE Database V5 | 07/08/2026, 15:20:29 UTC Added: 07/08/2026, 15:58:58 UTC |
CVE-2026-59874: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in isaacs node-tarCVE-2026-59874 0 node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18. Join the discussion | CVE Database V5 | 07/08/2026, 15:23:47 UTC Added: 07/08/2026, 15:58:58 UTC |
CVE-2026-59873: CWE-770: Allocation of Resources Without Limits or Throttling in isaacs node-tarCVE-2026-59873 0 A critical vulnerability (CVE-2026-59873) exists in isaacs node-tar before version 7.5.19, where the library does not enforce limits on decompressed data size, entry counts, or decompression ratio during extraction. This allows crafted gzip bombs to exhaust system resources such as disk space and CPU. The issue is fixed in version 7.5.19. Join the discussion | CVE Database V5 | 07/08/2026, 15:22:40 UTC Added: 07/08/2026, 15:58:58 UTC |
CVE-2026-59871: CWE-704: Incorrect Type Conversion or Cast in isaacs node-tarCVE-2026-59871 0 node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, node-tar coerces all-digit PAX path and linkpath values in src/pax.ts to JavaScript numbers, causing downstream path handling such as normalizeWindowsPath(entry.path).split('/') to throw an uncaught TypeError. This issue is fixed in version 7.5.18. Join the discussion | CVE Database V5 | 07/08/2026, 15:25:09 UTC Added: 07/08/2026, 15:58:58 UTC |
Showing 1 to 4 of 4 results