Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Low Severity Threats

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (2):Severity: Low

Filtered Threats

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-14286CVE-2026-14286
0

CVE-2026-14286 is a vulnerability record that has been rejected and contains no technical details or description. There is no information about affected versions, impact, or remediation.

Join the discussion
New U-Boot flaws could enable stealthy firmware attacks
0

Six vulnerabilities have been identified in the widely used U-Boot bootloader that could allow attackers to execute malicious code during device boot. These flaws may enable stealthy firmware attacks that bypass security protections and install persistent malware. No specific affected versions or patches have been disclosed. There are no known exploits in the wild at this time. The severity is assessed as low based on available information.

LowMalware
Join the discussion
CVE-2026-6872CVE-2026-6872
0

CVE-2026-6872 is a vulnerability record that has been rejected and contains no detailed information about the nature of the vulnerability, affected versions, or impact. There is no CVSS score or technical details available to assess the threat.

Join the discussion
CVE-2026-53780CVE-2026-53780
0

CVE-2026-53780 is a reserved identifier for a vulnerability that has been rejected and contains no public technical details or impact information.

Join the discussion
CVE-2026-55783: CWE-476: NULL Pointer Dereference in M2Team NanaZipCVE-2026-55783
0

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passing Indices as NULL and NumItems as 0xFFFFFFFF. This causes a NULL pointer dereference in the standard Test archive or Extract all code path for WebAssembly, ElectronAsar, Zealfs, Romfs, Ufs, Littlefs, and DotNetSingleFile archives, resulting in a process crash. This issue is fixed in version 6.5.1749.0.

Join the discussion
CVE-2026-55782: CWE-400: Uncontrolled Resource Consumption in M2Team NanaZipCVE-2026-55782
0

NanaZip versions prior to 6.5.1749.0 contain a vulnerability in the WebAssembly archive handler that allows an attacker to cause uncontrolled memory allocation by crafting archive files with maliciously large name and size fields. This can lead to memory exhaustion or process termination during archive listing or extraction. The issue is fixed in version 6.5.1749.0.

Join the discussion
CVE-2026-55781: CWE-400: Uncontrolled Resource Consumption in M2Team NanaZipCVE-2026-55781
0

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fs_fsize fragment size, allowing attacker-controlled 32-bit fields to flow into indirect-block, directory, and extraction buffer allocations. A tiny crafted UFS image can force multi-gigabyte allocations during open or extraction, causing memory exhaustion or process termination. This issue is fixed in version 6.5.1749.0.

Join the discussion
CVE-2026-55780: CWE-248: Uncaught Exception in M2Team NanaZipCVE-2026-55780
0

NanaZip versions prior to 6.5.1749.0 contain a vulnerability in the .NET single-file bundle handler where the extraction buffer size is derived from an unvalidated Size field. This can lead to uncaught exceptions such as std::bad_alloc or std::length_error escaping across COM boundaries and crashing the process. The issue is fixed in version 6.5.1749.0. The vulnerability has a low severity score and does not have known exploits in the wild.

Join the discussion
CVE-2026-59180: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in caronc appriseCVE-2026-59180
0

Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. Prior to 1.11.0, Apprise HTTP-based notification plugins and HTTP attachment and config loaders in apprise/attachment/http.py and apprise/config/http.py follow HTTP redirects by default and resend user-configured auth headers and query parameters on the redirected request, allowing a compromised trusted destination or on-path attacker to receive secrets such as Authorization headers, bearer tokens, custom headers, and service keys. This issue is fixed in version 1.11.0.

Join the discussion
CVE-2026-61492: CWE-79 in JetBrains YouTrackCVE-2026-61492
0

In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible

Join the discussion

Showing 1 to 10 of 383 results

Filters:Severity: Low
Page 1 of 39
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses