Threat intelligence dashboard
Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.
Attack reports – last 7 days · through Saturday 11 July 2026 (8)
-
Confidence 100 13 MITREs 4 IOCs 2 Observables
-
Confidence 100 20 MITREs 1 Malware 8 IOCs 5 Observables
-
Confidence 100 15 MITREs 9 IOCs 5 Observables 1 APT
-
Confidence 100 18 MITREs 5 Malwares 30 IOCs 7 Observables
-
Confidence 100 19 MITREs 2 Malwares 13 IOCs 7 Observables
Vulnerabilities today (25)
Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local …
- Published
- 11/07/2026
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to 2.2.5, the GET /api/v1/ddns and GET /api/v1/notification …
- Published
- 11/07/2026
Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the reset_password endpoint. This …
- Published
- 11/07/2026
Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via download_backups was possible due to lack of …
- Published
- 11/07/2026
Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This …
- Published
- 11/07/2026
Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 11/07/2026
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the …
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 11/07/2026
Frappe is a full-stack web application framework. Prior to 16.20.0 and 15.110.0, users without write access could attach files to any doctype …
- Published
- 11/07/2026
Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that …
- Published
- 11/07/2026
Frappe is a full-stack web application framework. Prior to 16.18.3 and 15.108.0, check_safe_sql_query permitted SELECT INTO OUTFILE queries, which could potentially work …
- Published
- 11/07/2026