Threat Intelligence Database
Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Search Results: "route.ts"
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-10280: Server-Side Request Forgery in horizon921 mcpilotCVE-2026-10280 0 A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. Join the discussion | CVE Database V5 | 06/01/2026, 18:00:12 UTC Added: 06/01/2026, 19:52:32 UTC |
CVE-2026-9372: Server-Side Request Forgery in ItzCrazyKns VaneCVE-2026-9372 0 A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of the argument baseURL causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. Join the discussion | CVE Database V5 | 05/24/2026, 10:00:18 UTC Added: 05/24/2026, 10:31:37 UTC |
CVE-2026-9371: Missing Authentication in ItzCrazyKns VaneCVE-2026-9371 0 A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to missing authentication. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been disclosed publicly and may be used. It appears that basic authentication is planned. Join the discussion | CVE Database V5 | 05/24/2026, 09:45:12 UTC Added: 05/24/2026, 10:01:37 UTC |
CVE-2026-9304: Server-Side Request Forgery in calcom cal.diyCVE-2026-9304 0 A security flaw has been discovered in calcom cal.diy up to 4.9.4. The affected element is the function validateUrlForSSRF of the file apps/web/app/api/logo/route.ts of the component Logo API. The manipulation results in server-side request forgery. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Join the discussion | CVE Database V5 | 05/23/2026, 13:45:08 UTC Added: 05/23/2026, 14:16:37 UTC |
Showing 1 to 4 of 4 results