216.73.217.64

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Saturday 11 July 2026 (8)

Vulnerabilities today (25)

Sorted by CVSS severity (highest first)

7.1 High

Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local …

Published
11/07/2026
6.9 Medium

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to 2.2.5, the GET /api/v1/ddns and GET /api/v1/notification …

Published
11/07/2026
6.9 Medium

Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the reset_password endpoint. This …

Published
11/07/2026
6.9 Medium

Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via download_backups was possible due to lack of …

Published
11/07/2026
6.3 Medium

Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This …

Published
11/07/2026
5.8 Medium

Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the …

Attack vector
NETWORK
Complexity
LOW
Published
11/07/2026
5.8 Medium

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the …

Attack vector
NETWORK
Complexity
LOW
Published
11/07/2026
5.3 Medium

Frappe is a full-stack web application framework. Prior to 16.20.0 and 15.110.0, users without write access could attach files to any doctype …

Published
11/07/2026
5.3 Medium

Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that …

Published
11/07/2026
2.3 Low

Frappe is a full-stack web application framework. Prior to 16.18.3 and 15.108.0, check_safe_sql_query permitted SELECT INTO OUTFILE queries, which could potentially work …

Published
11/07/2026