Threats Tagged 'exploit'
View all threats tagged with 'exploit'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'exploit'
Click on any threat for detailed analysis and mitigation recommendations
Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 0 A critical vulnerability (CVE-2026-20253) in Splunk Enterprise allows unauthenticated attackers to create or truncate arbitrary files via a PostgreSQL sidecar service endpoint lacking authentication controls. The flaw affects Splunk Enterprise versions 10.2 before 10.2.4 and 10.0 before 10.0.7. Exploitation was confirmed shortly after public disclosure, with proof-of-concept code published. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog and mandated rapid patching for federal agencies. Splunk has released patches to remediate the issue and strongly recommends upgrading to fixed versions. Join the discussion | Reddit Cybersecurity | 06/19/2026, 05:28:00 UTC Added: 06/19/2026, 05:49:56 UTC |
CVE-2026-23111: exploiting and detecting a nftables UAF born from a security fixCVE-2026-23111 0 CVE-2026-23111 is a use-after-free (UAF) vulnerability in the Linux kernel's nftables subsystem, introduced by a security fix for a previous vulnerability (CVE-2023-4244). This flaw affects nf_tables and is reachable from an unprivileged user namespace. The vulnerability enables advanced exploitation techniques including kernel address space layout randomization (KASLR) leaks, arbitrary reads, kernel structure traversal, and privilege escalation to root (uid=0) without hardcoded addresses. The exploit and detection methods have been publicly disclosed, emphasizing detection strategies beyond payload identification. No specific affected versions or vendor patches are detailed in the provided information. Join the discussion | Reddit ExploitDev | 06/18/2026, 10:44:40 UTC Added: 06/18/2026, 11:35:03 UTC |
Exploit-DB RSS Feed | 05/29/2026, 00:00:00 UTC Added: 06/17/2026, 11:08:10 UTC | |
WordPress OrderConvo 14 - Path Traversal 0 WordPress OrderConvo 14 - Path Traversal Join the discussion | Exploit-DB RSS Feed | 06/01/2026, 00:00:00 UTC Added: 06/17/2026, 11:08:10 UTC |
Drupal Core 10.5.5 - Error-Based SQL Injection 0 Drupal Core 10.5.5 - Error-Based SQL Injection Join the discussion | Exploit-DB RSS Feed | 06/01/2026, 00:00:00 UTC Added: 06/17/2026, 11:08:10 UTC |
Exploit-DB RSS Feed | 05/26/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC | |
Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover 0 Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover Join the discussion | Exploit-DB RSS Feed | 05/26/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC |
Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service 0 Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service Join the discussion | Exploit-DB RSS Feed | 05/26/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC |
Grav CMS 2.0.0-beta.2 - Remote Code Execution 0 Grav CMS 2.0.0-beta.2 - Remote Code Execution Join the discussion | Exploit-DB RSS Feed | 05/26/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC |
Exploit-DB RSS Feed | 05/27/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC |
Showing 1 to 10 of 42 results