Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.

Threat Intelligence

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-14628: Path Traversal in NousResearch hermes-agentCVE-2026-14628
0

CVE-2026-14628 is a path traversal vulnerability in the NousResearch hermes-agent affecting the extract_media function in gateway/platforms/base.py of the Live Webhook Endpoint component. It impacts versions 2026.5.0 through 2026.5.16. The vulnerability can be exploited remotely without authentication. The vendor has not responded to the disclosure, and no official patch or remediation is currently available. The CVSS 4.0 base score is 6.9, indicating a medium severity level.

Join the discussion
CVE-2026-14626: Denial of Service in NousResearch hermes-agentCVE-2026-14626
0

A denial of service vulnerability exists in NousResearch hermes-agent versions 2026.4.0 through 2026.4.30. The issue is in the AIAgent.run_conversation function within the HTTP API component, where manipulation of the 'todos' argument can cause the service to become unavailable. The vulnerability can be exploited remotely without user interaction or elevated privileges. No official fix or patch has been announced by the vendor, who has not responded to disclosure attempts. The CVSS 4.0 base score is 5.3, indicating a medium severity level.

Join the discussion
CVE-2026-14625: Protection Mechanism Failure in NousResearch hermes-agentCVE-2026-14625
0

CVE-2026-14625 is a medium severity vulnerability in NousResearch hermes-agent versions 0.15.0, 0.15.1, and 0.15.2. It involves a protection mechanism failure in the shell.exec function within the tui_gateway/server.py file. The flaw allows remote attackers to exploit the vulnerability. The vendor has not responded to disclosure requests, and no official patch or remediation is currently available. The exploit code has been publicly released.

Join the discussion
CVE-2026-11461: Authorization Bypass in NousResearch hermes-agentCVE-2026-11461
0

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Join the discussion

Showing 1 to 4 of 4 results

Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses