Links submitted by the Threat Radar community and AI curated for defenders.

Community Curated

NCSC UK

GCP Compute Engine Security

GCP Kubernetes Security

AWS Security Bulletins

CERT/CC

Tenable Research

Google Project Zero

Microsoft Security Blog

Cisco Talos

Zero Day Initiative

Palo Alto Unit 42

Krebs on Security

Kaspersky Security Blog

Check Point Research

GCVE Database

CVE Database V5

AlienVault OTX General

Real-world exploitation and exposure telemetry from the OffSeq Mirage honeypot fleet and Sonar internet scans — which CVEs attackers are actually exploiting and which are exposed in the wild, plus attacker IoCs. All IPs are masked; no raw victim or sensor identity is ever published.

OffSeq Mirage

Bleeping Computer

SANS ISC Handlers Diary

SecurityWeek

Threatpost

Reddit ExploitDev

Latest exploits, shellcode, and vulnerability proofs-of-concept from Exploit-DB

Exploit-DB RSS Feed

Reddit ThreatIntel

Reddit BlueTeam

Reddit Reverse Engineering

Reddit Malware

Reddit Cybersecurity

Reddit NetSec

ThreatFox MISP Feed

CIRCL OSINT Feed

Reddit InfoSec News

The Hacker News

Dark Reading

AlienVault OTX Vulnerabilities

AlienVault OTX Malware

JVN Japan

Magick.NET-Q16-AnyCPU

Magick.NET-Q16-HDRI-AnyCPU

Magick.NET-Q16-HDRI-OpenMP-arm64

Magick.NET-Q16-HDRI-arm64

Magick.NET-Q16-HDRI-x64

Magick.NET-Q16-HDRI-x86

Magick.NET-Q16-OpenMP-arm64

Magick.NET-Q16-OpenMP-x64

Magick.NET-Q16-arm64

Magick.NET-Q16-x64

Magick.NET-Q16-x86

Magick.NET-Q8-AnyCPU

Magick.NET-Q8-OpenMP-arm64

Magick.NET-Q8-OpenMP-x64

Magick.NET-Q8-arm64

Magick.NET-Q8-x64

Magick.NET-Q8-x86

A vulnerability in Magick.NET-Q16-AnyCPU prior to version 14.14.0 allows a policy bypass via incorrect filename parsing. This flaw enables reading of files disallowed by security policies through the use of symbolic links. The issue can lead to unauthorized disclosure of sensitive information without requiring user interaction.

CVE-2026-49219 is a vulnerability in Magick.NET-Q16-AnyCPU where improper parsing of filenames allows an attacker with local privileges to bypass security policies and read files that should be disallowed. This is achieved by leveraging symbolic links to access restricted files. The vulnerability is classified under CWE-200 (Information Exposure), CWE-22 (Path Traversal), CWE-78 (OS Command Injection), and CWE-863 (Incorrect Authorization). It affects versions prior to 14.14.0.

Detailed information about GHSA-xcjm-wqff-m669: ImageMagick: Policy Bypass can read disallowed files via symlink affecting null Magick.NET-Q16-AnyCPU. Get real-

GHSA-xcjm-wqff-m669: ImageMagick: Policy Bypass can read disallowed files via symlink - Live Threat Intelligence - Threat Radar | OffSeq.com

GHSA-xcjm-wqff-m669: ImageMagick: Policy Bypass can read disallowed files via symlink

These are all security issues fixed in the ImageMagick-7.1.2.25-2.1 package on the GA media of openSUSE Tumbleweed.

This advisory covers a collection of security vulnerabilities fixed in the ImageMagick-7.1.2.25-2.1 package distributed with openSUSE Tumbleweed on GA media. The vulnerabilities include 12 CVEs, such as CVE-2026-42326 and others, addressed by the SUSE Product Security Team. The advisory does not provide detailed technical descriptions or CVSS metrics for these vulnerabilities. The fixes are included in the specified package versions for the aarch64 architecture. No known exploits in the wild have been reported. The vulnerabilities affect ImageMagick components including the main package, configuration, and development files.

Detailed information about ImageMagick: Mehrere Schwachstellen affecting Bundesamt für Sicherheit in der Informationstechnik Amazon. Get real-time updates, tech

ImageMagick: Mehrere Schwachstellen - Live Threat Intelligence - Threat Radar | OffSeq.com

SUSE ratings

URL of this CSAF notice

SUSE CVE CVE-2026-42326 page

SUSE CVE CVE-2026-45031 page

SUSE CVE CVE-2026-45358 page

SUSE CVE CVE-2026-45359 page

SUSE CVE CVE-2026-45624 page

SUSE CVE CVE-2026-45664 page

SUSE CVE CVE-2026-46520 page

SUSE CVE CVE-2026-46522 page

SUSE CVE CVE-2026-46523 page

SUSE CVE CVE-2026-46557 page

SUSE CVE CVE-2026-46559 page

SUSE CVE CVE-2026-46692 page

SUSE CVE CVE-2026-46693 page

SUSE CVE CVE-2026-47165 page

SUSE CVE CVE-2026-47166 page

SUSE CVE CVE-2026-48724 page

SUSE CVE CVE-2026-48734 page

SUSE CVE CVE-2026-48994 page

ImageMagick-7.1.2.25-2.1 on GA media


GHSA-xcjm-wqff-m669: ImageMagick: Policy Bypass can read disallowed files via symlinkCVE-2026-49219 0 A vulnerability in Magick.NET-Q16-AnyCPU prior to version 14.14.0 allows a policy bypass via incorrect filename parsing. This flaw enables reading of files disallowed by security policies through the use of symbolic links. The issue can lead to unauthorized disclosure of sensitive information without requiring user interaction. MediumVulnerability#gcve #osv #ghsa-xcjm-wqff-m669 Join the discussion	GCVE Database	06/25/2026, 21:53:29 UTC Added: 06/26/2026, 22:06:29 UTC
ImageMagick-7.1.2.25-2.1 on GA mediaCVE-2026-42326 0 These are all security issues fixed in the ImageMagick-7.1.2.25-2.1 package on the GA media of openSUSE Tumbleweed. MediumVulnerability#gcve #csaf #cve-2026-42326 Join the discussion	GCVE Database	06/19/2026, 00:00:00 UTC Added: 06/09/2026, 10:23:17 UTC

Threats Tagged 'cve-2026-49219'

Stop chasing alerts. Route them.

Check if your credentials are on the dark web

Filter Threats

Threats Tagged 'cve-2026-49219'

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility